- Azure Platform: Microsoft's cloud computing service for building, testing, deploying, and managing applications and services.
- Remote Desktop Connection: A proprietary protocol developed by Microsoft, allowing users to connect to another computer over a network connection.
- Command-Line Utilities: Tools available via the command line interface for various tasks.
- Network Protocols: Sets of rules for data communication. This guide focuses on SSH, RDP, DNS, HTTP/S, and ICMP.
- Wireshark: A free and open-source packet analyzer used for network troubleshooting and analysis.
- Windows 10 (Version 21H2): A widely used operating system by Microsoft.
- Ubuntu Server 20.04 LTS: A free and open-source Linux distribution based on Debian.
Setting Up the Environment:
- Resource Group: Acts as a logical container where Azure resources, like VMs, are deployed and managed.
Connecting to Windows VM:
- Use the Remote Desktop Connection tool to access VM1.
- Once inside VM1, navigate to the official Wireshark website, download the latest version, and follow the installation prompts.
Filtering ICMP Traffic:
- Launch Wireshark on VM1.
- In the filter bar at the top, type "icmp" (Wireshark display filter names are lowercase) and press Enter. This will display only ICMP traffic, making it easier to analyze.
Ping Test:
- On VM1, open CMD or PowerShell.
- Use the ping command followed by the private IP of VM2 to send ICMP packets. This tests the connectivity between the two VMs.
Continuous Ping & NSG Configuration:
- Initiate a continuous ping from VM1 to VM2 using the command ping <VM2 IP> -t.
- In the Azure portal, navigate to the NSG associated with VM2.
- Block incoming ICMP traffic by adding a new inbound security rule. This will simulate a scenario where VM2 becomes unreachable.
Re-enabling ICMP Traffic:
- In the Azure portal, modify the NSG rule to allow ICMP traffic again.
- On VM1, you should observe that the continuous ping resumes successfully.
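
To see exactly which probes were dropped while the NSG deny rule was in place and when replies resumed, the saved output of the continuous ping can be summarised by probe number. The Python script below is an added example, not part of the original guide; the sample output and the address 10.0.0.5 are constructed placeholders.

```python
import re

# Constructed sample of Windows `ping <VM2 IP> -t` output. 10.0.0.5 is a
# placeholder private address, not a value taken from the guide.
SAMPLE = """\
Pinging 10.0.0.5 with 32 bytes of data:
Reply from 10.0.0.5: bytes=32 time=1ms TTL=64
Reply from 10.0.0.5: bytes=32 time=2ms TTL=64
Request timed out.
Request timed out.
Request timed out.
Reply from 10.0.0.5: bytes=32 time=1ms TTL=64
Reply from 10.0.0.5: bytes=32 time<1ms TTL=64
"""

# A successful echo reply carries bytes/time/TTL fields.
REPLY = re.compile(r"^Reply from \S+: bytes=\d+ time[=<]\d+ms TTL=\d+")
# Lines Windows ping prints when a probe gets no usable answer.
LOST = re.compile(r"^(Request timed out\.|General failure\.|.*Destination \S+ unreachable\.)")


def outage_windows(ping_output):
    """Return (probes, windows); each window is (first_lost, last_lost), 1-based."""
    windows, start, seq = [], None, 0
    for line in ping_output.splitlines():
        line = line.strip()
        if REPLY.match(line):
            seq += 1
            if start is not None:          # replies resumed: close the window
                windows.append((start, seq - 1))
                start = None
        elif LOST.match(line):
            seq += 1
            if start is None:              # first lost probe of a new window
                start = seq
    if start is not None:                  # output ended while still blocked
        windows.append((start, seq))
    return seq, windows


def summarize(ping_output):
    """Count probes, lost probes, and list the outage windows."""
    probes, windows = outage_windows(ping_output)
    lost = sum(last - first + 1 for first, last in windows)
    return {"probes": probes, "lost": lost, "windows": windows}


if __name__ == "__main__":
    print(summarize(SAMPLE))
```

The outage window should line up with the gap between ICMP echo requests and echo replies visible in the Wireshark capture on VM1.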
SSH Traffic Observation:
- SSH (Secure Shell) is a protocol used for secure remote login from one computer to another.
- From VM1, attempt to SSH into VM2. Monitor this SSH traffic in Wireshark for any anomalies or issues.