Packet sniffing is one of the many ways to gather information on a network. This method eavesdrops on the target machine by capturing and saving packets from network traffic. Sniffing can be done using tcpdump in Kali Linux.
For testing purposes, two virtual machines are used: Kali Linux and Kali Linux 2.
1. Get Kali Linux 2’s IP address
2. Run tcpdump on Kali Linux with Kali Linux 2’s IP using the command:
tcpdump -vvn -i [interface] host [target IP] -w [file name]
3. Use Kali Linux 2 to open an HTTP website such as techpanda.org using Mozilla Firefox
4. Check the pcap file in Kali Linux for packets. The packets captured on Kali Linux show that Kali Linux 2 interacted with IP 126.96.36.199
5. Follow the TCP stream. This shows that Kali Linux 2 is using Mozilla Firefox on Linux to access techpanda.org
6. Check techpanda.org’s IP address for proof
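What steps 4 and 5 read out of the capture can also be extracted programmatically. The following is an added example, not part of the original walkthrough: it parses a classic pcap file (the format `tcpdump -w` writes by default) and lists the source IP, destination IP, `Host` and `User-Agent` of each cleartext HTTP request. The function names, the 192.0.2.10 and 198.51.100.7 addresses and the `example.test` host are constructed for the demo.

```python
import socket
import struct

def build_sample_pcap():
    """Constructed capture: one Ethernet/IPv4/TCP frame carrying an HTTP GET."""
    http = (b"GET / HTTP/1.1\r\nHost: example.test\r\n"
            b"User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:115.0) "
            b"Gecko/20100101 Firefox/115.0\r\n\r\n")
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 1, 5 << 4, 0x18, 64240, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(http), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"),    # client (constructed)
                     socket.inet_aton("198.51.100.7"))  # server (constructed)
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    frame = eth + ip + tcp + http
    # Classic pcap: 24-byte global header (linktype 1 = Ethernet), then records.
    ghdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return ghdr + struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

def http_requests(pcap):
    """Return [(src_ip, dst_ip, headers)] for cleartext HTTP requests."""
    order = "<" if struct.unpack("<I", pcap[:4])[0] == 0xA1B2C3D4 else ">"
    found, off = [], 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(order + "IIII", pcap[off:off + 16])[2]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # not Ethernet/IPv4/TCP
        tcp_off = 14 + (frame[14] & 0x0F) * 4           # skip IP header (IHL)
        if len(frame) < tcp_off + 20:
            continue  # truncated TCP header
        payload = frame[tcp_off + (frame[tcp_off + 12] >> 4) * 4:]
        if not payload.startswith((b"GET ", b"POST ", b"HEAD ")):
            continue  # no HTTP request line in this segment
        lines = payload.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
        headers = dict(l.split(": ", 1) for l in lines[1:] if ": " in l)
        found.append((socket.inet_ntoa(frame[26:30]),
                      socket.inet_ntoa(frame[30:34]), headers))
    return found

if __name__ == "__main__":
    for src, dst, hdrs in http_requests(build_sample_pcap()):
        print(src, "->", dst, hdrs.get("Host"), "|", hdrs.get("User-Agent"))
```

To run it against the lab capture instead of the constructed sample, pass the bytes of the file written in step 2 to `http_requests`.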