Linux HW05 - HackMD

# Linux HW05 --- ## ubuntu 安裝wireshark 1.安裝wireshark `sudo dpkg-reconfigure wireshark-common` ![](https://i.imgur.com/Dbty1y4.png) 2.檢視已建立wireshark使用者組(是否安裝）`cat /etc/group |grep wireshark` ![](https://i.imgur.com/5eZw7B6.png) 3.當前登入使用者加入到wireshark組中`sudo usermod -a -G wireshark $USER` ![](https://i.imgur.com/xe4TZnF.png) ## ssh抓取封包 1.終端打開wireshark `sudo wireshark` ![](https://i.imgur.com/aJgRsei.png) 2.選擇ens33 ![](https://i.imgur.com/14VZEli.png) 3.抓取封包,上面輸入欄位打ip.addr = 10.2.200.196 或 ssh 皆可 ![](https://i.imgur.com/Kayj9Pf.png) 可以觀察到Source的ip是從自己電腦的ip(10.2.200.112)發出給Linux的Server(10.2.200.196) ## 參考資料 https://getiot.tech/ubuntu/ubuntu-install-wireshark.html https://blog.csdn.net/magiclyj/article/details/77231707 https://iter01.com/567937.html