CONTENTS

Network Protocols Analyzers: Telnet Session

1. Telnet Session.  In this part, you will use the SDS to capture the Telnet session between PC1 & PC2 to show that the Telnet protocol does not deploy a secure login technique.

1. On PC3, click Start> Programs>Distributed Sniffer Pro>SniffView.

2. Click OK at Enter Console Password window (no need to enter user name & password). SnifferView console will appear.

3. To create an agent for capture Ethernet traffic, click Agents>Add. The Agent Wizard will appear.

4. Select DSPro in Type box. Enter tel2821agent in Agent Name and leave a blank password. Then click Next.

5. Enter 192.168.30.53 in Hostname/IP Address. Click Get Card List and select Network Associates. Inc. NAI21140/UC_2 in drop down list. Then Click Finish. The agent will appear in SniffView.

6. Highlight the telnetagent and click Connections> Connect in SniffView. The tel2821agent will be connected to Sniff View console. Sniffer window for the tel2821agent will appear (This will take a few seconds to completely load Sniffer window).

7. In this lab, we will capture traffic only between PC1 and PC2. At Sniffer window, click Capture>Define filter.

8. Click Address tab, select IP in Address Type. Enter PC1s IP address under Station 1 table and PC2s IP address under Station 2 table on row 1. Then click OK. We are now ready to capture traffic.

9. (Note: you may need two people in the step 9-14: one at PC3 and one at PC1& PC2) Click Capture>Start at Sniffer window on PC3.

10. Create a telnet session from PC1 to PC2. On PC1, open a Terminal and type:

$telnet 192.168.30.52

1.  Login prompt will appear. Enter login name and password as shown in Login Instruction.
2. A welcome message will appear.
3. Type exit to close the telnet session.
4. At PC3, Click Capture>Stop to stop capture traffic between PC1 and PC2.
5. Click Capture>Display. All capture packets in telnet session will appear in Sniffer window.
6. Use Scroll bar to find packets that contain all password characters, print out the result using print screen, and attach the result with this lab exercise.

Note:  Telnet session always sends each password character as a separate packet.  To save you result, press the Print Screen button on the keyboard and paste it into Paint.   To open Paint click Start>Programs>Accessories>Paint. Save the file of the Sniffer window to a disk.  

2. Secure Shell Session.    Instead of the Telnet session, in this part you will run a secure shell session from PC1 to PC2 and use the SDS to capture the results.

1. Verify that the previous section on Telnet has been completed.

2. Click Capture>Start at Sniffer window on PC3.

3. Create a secure shell session from PC1 to PC2, which is done on PC1 by using the following command: $ssh l tel2821 192.168.30.52

4. Enter the password as shown in the Login Instruction.

5. Type exit to close the telnet session.

6. At PC3, Click Capture>Stop to stop capture traffic between PC1 and PC2.

7. Click Capture>Display. All capture packets in telnet session will appear in Sniffer window.

8. Use Scroll bar to view all captured packets, print out the result, and attach the result with this lab exercise.

3. Questions.

1.  What packets contain the password characters? 

2. What is the difference between the Telnet session and Secure shell session in terms of what you see with the sniffer?