Session 1, Introduction & Topology Setup (Kali VM ↔ Windows Host)

Objective: Set up VM topology, ensure bidirectional connectivity, and perform ICMP packet capture & analysis using Wireshark (Windows) & tcpdump (Kali).

Prerequisites & Topology:

1. Host: Windows (with Wireshark installed)
2. VM: Kali Linux
3. VM Network: Host-Only (recommended) or Bridged
4. Example Host-Only IPs: Windows 192.168.56.1, Kali 192.168.56.101

Preparation: Configure Kali VM adapter:

1. VirtualBox → Settings → Network → Adapter 1 → Host-Only Adapter
2. VMware → VM Settings → Network Adapter → Host-only

Boot Windows & Kali. Verify Wireshark (Windows) & tcpdump (Kali) availability.

Steps

A. Identify IP Address Kali:

B. Test bidirectional connectivity Mac os → Kali:

Kali → Mas os:

C. ICMP capture in Wireshark (Windows) Open Wireshark → select Host-Only interface → Start.

From Kali:

Stop capture → apply filter:

Analyze one frame: Ethernet (MAC src/dst), IP (src/dst), ICMP (Type 8 echo-request / Type 0 reply, Code 0).

D. Alternative capture in Kali

# perform ping from Windows

# stop with Ctrl+C

sudo tcpdump -r icmp_cap.pcap

(Optional: open icmp_cap.pcap in Wireshark Windows.)

Verification / Results

1. Successful bidirectional ping
2. Echo Request & Echo Reply visible in Wireshark
3. Able to explain MAC/IP/src/dst and ICMP type/code

Cleanup

1. Stop Wireshark/tcpdump
2. Save icmp_cap.pcap for reporting

Troubleshooting

1. Ping timeout → check adapter mode, Windows Firewall, interface status
2. Bring up interface in Kali: