Giter VIP home page Giter VIP logo

azure-network-protocols's Introduction

Inspecting Traffic Between Azure Virtual Machines using NSGs

Traffic Examination

Introduction

Network Security Groups (NSGs) in Azure act as a firewall, allowing or denying traffic to resources like Virtual Machines (VMs). This guide provides a detailed walkthrough on monitoring network traffic between Azure VMs using Wireshark and controlling this traffic using NSGs.

Tools & Technologies

  • Azure Platform: Microsoft's cloud computing service for building, testing, deploying, and managing applications and services.
  • Remote Desktop Connection: A proprietary protocol developed by Microsoft, allowing users to connect to another computer over a network connection.
  • Command-Line Utilities: Tools available via the command line interface for various tasks.
  • Network Protocols: Set of rules for data communication. For this guide, we focus on SSH, RDH, DNS, HTTP/S, and ICMP.
  • Wireshark: A free and open-source packet analyzer used for network troubleshooting and analysis.

Operating Systems in Use

  • Windows 10 (Version 21H2): A widely used operating system by Microsoft.
  • Ubuntu Server 20.04 LTS: A free and open-source Linux distribution based on Debian.

Detailed Steps

  1. Setting Up the Environment:

    • Resource Group: Acts as a logical container where Azure resources, like VMs, are deployed and managed.
    Resource Group Setup - **Virtual Machines**: VM1 will be a Windows machine, while VM2 will be an Ubuntu machine. Ensure VM1 has at least 2 vCPUs and 16GB RAM for optimal performance. VM Setup

  2. Connecting to Windows VM:

    • Use the Remote Desktop Connection tool to access VM1.
    • Once inside VM1, navigate to the official Wireshark website, download the latest version, and follow the installation prompts.

  3. Filtering ICMP Traffic:

    • Launch Wireshark on VM1.
    • In the filter bar at the top, type "ICMP" and press enter. This will display only ICMP traffic, making it easier to analyze.
    Wireshark ICMP Filter

  4. Ping Test:

    • On VM1, open CMD or Powershell.
    • Use the ping command followed by the private IP of VM2 to send ICMP packets. This tests the connectivity between the two VMs.
    Ping Test

  5. Continuous Ping & NSG Configuration:

    • Initiate a continuous ping from VM1 to VM2 using the command ping <VM2 IP> -t.
    • In the Azure portal, navigate to the NSG associated with VM2.
    • Block incoming ICMP traffic by adding a new inbound security rule. This will simulate a scenario where VM2 becomes unreachable.
    NSG Configuration

  6. Re-enabling ICMP Traffic:

    • In the Azure portal, modify the NSG rule to allow ICMP traffic again.
    • On VM1, you should observe that the continuous ping resumes successfully.

  7. SSH Traffic Observation:

    • SSH (Secure Shell) is a protocol used for secure remote login from one computer to another.
    • From VM1, attempt to SSH into VM2. Monitor this SSH traffic in Wireshark for any anomalies or issues.

Conclusion

Understanding how to monitor and control network traffic in Azure is crucial for maintaining security and optimal performance. By using tools like Wireshark and Azure's NSGs, administrators can gain valuable insights into their network's operations and ensure a secure environment.

azure-network-protocols's People

Contributors

vincenthphung avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.