Down the network cable

Today I had some “low-level fun” at the office: a colleague asked me for a proof that the traffic to his (HTTPS) site is secure.
I suggested that he use Wireshark to do this kind of test, but I had my SLAX VM open and ready! =)

I opened two consoles: the whole test is just two commands! The first one sniffs the network traffic, the second emulates a browser making GET requests.
One note: I was behind a proxy ( …this is fake if you’re wondering), so I needed to tell the OS where to send my HTTP/HTTPS traffic:

export http_proxy=
export https_proxy=

The sniffer

Now that I’m going through the proxy I can listen to all the TCP traffic to and from it on port 3456, including request and response headers and message bodies.
I used tcpdump:

tcpdump -A -s 0 'tcp port 3456 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

(Thx to jimmyxu101 for the filter syntax)

-A prints each packet in ASCII, -s 0 captures whole packets instead of truncating them, and the arithmetic in the filter keeps only segments that actually carry data: IP total length minus IP header length minus TCP header length must be non-zero, so the handshake and the bare ACKs don’t clutter the output.

The “browser”

To emulate a GET request I used wget.

wget -S -O -

An http:// URL goes to port 80 by default (see the HTTP protocol). -S prints the server’s response headers and -O - writes the body to stdout.

To make the GET over HTTPS (443):

wget --no-check-certificate -S -O -

This command also dumps the result to stdout. Be aware that --no-check-certificate disables certificate verification: it is fine for looking at the bytes on the wire, but it means wget would happily talk to a man-in-the-middle, so don’t use it for anything else.


Voilà… on the wget terminal I can see all the traffic in the clear (as my browser does), while on the tcpdump terminal I can read clearly ONLY the :80 traffic. For the :443 request, what shows up on the proxy port is the cleartext CONNECT line with the host name, followed by the TLS handshake and then encrypted records: the proxy (and anyone sniffing the cable) learns which host I am talking to, but not the headers, cookies or body.
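To see what that filter actually selects, and what -A would show for the two kinds of request, here is an added example (my own Python, not from the original post) that evaluates the same BPF arithmetic on a few constructed IPv4/TCP packets: a SYN to the proxy, a plain GET, the CONNECT that wget sends for an https:// URL through a proxy, a TLS record, and a GET that bypasses the proxy. Port 3456 is assumed to be the proxy port, and the packet bytes, the host name site.example and the payloads are all made up for the example.

```python
import struct

PROXY_PORT = 3456  # port the post's tcpdump listens on (assumed to be the proxy port)


def build_ipv4_tcp(src_port, dst_port, payload=b"", tcp_options=b"", flags=0x18):
    """Build a minimal IPv4 + TCP packet as raw bytes (constructed test data;
    checksums are left at zero because the filter never looks at them)."""
    if len(tcp_options) % 4:                      # options are padded to 32-bit words
        tcp_options += b"\x00" * (4 - len(tcp_options) % 4)
    data_offset = (20 + len(tcp_options)) // 4    # TCP header length in 32-bit words
    tcp_hdr = struct.pack("!HHIIBBHHH",
                          src_port, dst_port,
                          0, 0,                   # seq, ack
                          data_offset << 4,       # data offset sits in the high nibble
                          flags,                  # 0x02 = SYN, 0x18 = PSH|ACK
                          65535, 0, 0)            # window, checksum, urgent pointer
    tcp_hdr += tcp_options
    total_len = 20 + len(tcp_hdr) + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s",
                         0x45,                    # version 4, IHL 5 (20-byte header)
                         0, total_len,            # TOS, total length
                         0, 0,                    # id, flags/fragment offset
                         64, 6, 0,                # TTL, protocol 6 = TCP, checksum
                         bytes([10, 0, 2, 15]), bytes([10, 0, 2, 2]))  # made-up addresses
    return ip_hdr + tcp_hdr + payload


def tcp_payload_len(pkt):
    """The arithmetic from the tcpdump filter:
         ip[2:2] - ((ip[0]&0xf)<<2) - ((tcp[12]&0xf0)>>2)
    i.e. IP total length minus IP header length minus TCP header length."""
    ip_total_len = struct.unpack("!H", pkt[2:4])[0]   # ip[2:2]
    ip_hdr_len = (pkt[0] & 0x0F) << 2                  # IHL in words -> bytes
    tcp = pkt[ip_hdr_len:]                             # tcp[...] is relative to the TCP header
    tcp_hdr_len = (tcp[12] & 0xF0) >> 2                # data offset in words -> bytes
    return ip_total_len - ip_hdr_len - tcp_hdr_len


def matches_filter(pkt, port=PROXY_PORT):
    """'tcp port <port> and (<payload length> != 0)': keeps only segments that
    carry data, dropping the SYN/ACK handshake and bare ACKs."""
    if pkt[9] != 6:                                    # IP protocol field: 6 = TCP
        return False
    ip_hdr_len = (pkt[0] & 0x0F) << 2
    sport, dport = struct.unpack("!HH", pkt[ip_hdr_len:ip_hdr_len + 4])
    return port in (sport, dport) and tcp_payload_len(pkt) != 0


def ascii_view(pkt):
    """Roughly what tcpdump -A prints for the payload: printable bytes as-is, the rest as '.'."""
    ip_hdr_len = (pkt[0] & 0x0F) << 2
    tcp_hdr_len = (pkt[ip_hdr_len + 12] & 0xF0) >> 2
    payload = pkt[ip_hdr_len + tcp_hdr_len:]
    return "".join(chr(b) if 32 <= b < 127 else "." for b in payload)


# Constructed payloads: a proxied GET, the CONNECT wget sends for https:// through a
# proxy, and a TLS application-data record whose body stands in for ciphertext.
HTTP_GET = b"GET http://site.example/ HTTP/1.1\r\nHost: site.example\r\nUser-Agent: Wget\r\n\r\n"
CONNECT = b"CONNECT site.example:443 HTTP/1.1\r\nHost: site.example:443\r\n\r\n"
TLS_APPDATA = b"\x17\x03\x03\x00\x20" + bytes(range(0x80, 0xA0))

SAMPLES = {
    "syn_to_proxy":  build_ipv4_tcp(40000, PROXY_PORT, flags=0x02, tcp_options=b"\x02\x04\x05\xb4"),
    "http_get":      build_ipv4_tcp(40000, PROXY_PORT, HTTP_GET),
    "connect":       build_ipv4_tcp(40001, PROXY_PORT, CONNECT),
    "tls_record":    build_ipv4_tcp(40001, PROXY_PORT, TLS_APPDATA),
    "direct_port80": build_ipv4_tcp(40002, 80, HTTP_GET),   # bypasses the proxy: not on 3456
}


def kept_by_filter():
    """Names of the sample packets the post's filter would hand over to -A."""
    return [name for name, pkt in SAMPLES.items() if matches_filter(pkt)]


if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:14s} payload={tcp_payload_len(pkt):3d} "
              f"kept={str(matches_filter(pkt)):5s} {ascii_view(pkt)[:48]!r}")
```

Running it prints one line per sample: the SYN (payload 0) and the direct port-80 request drop out, the GET and the CONNECT line are readable, host name included, and the TLS record is kept by the filter but shows up as dots, which is exactly the difference between the two tcpdump outputs in the test above.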

Restoring the network into the guest VM

Sometimes in my VirtualBox guest (a Slax VM) I lose connectivity with the “outside” world. I use a virtual NAT network adapter.

Edit: I found a better (native) way to fix the connectivity: -n tells the running dhcpcd to rebind its lease. Be aware that, for an instant, eth0 will go DOWN (then up).

dhcpcd eth0 -n


Here’s the original trick to restore it:

pkill dhcpcd
nohup dhcpcd eth0 &

This way I kill and restart the DHCP client daemon.

I know this is the lazy way… I should test one of these to stop the service (from man dhcpcd):

dhcpcd -k
kill -1 pid 

and this to restart it:

/etc/init.d/dhcpcd start

or maybe release the lease with dhclient (note that -r releases the current lease rather than renewing it):

dhclient -r
