fine. We'll not. Finally. Next. We're gonna look at wire shirt now. Wire shirt is an amazing tool we talked about in other videos we've got an entire class on. We talked about it all the time because wire shark is the gold standard in packet capture tools. Now, what is packet capturing? Capturing is monitoring your network for communications that are happening on that network.
That's the way you're going. You'll be able to use that to perform inventory auditing to find out. Okay, Some things are never that shouldn't be or something that's not supposed or something that
is supposed to be our network doesn't seem to be. It will let you follow http streams that election rebuild traffic. It gives you a taunt of useful information. When I was in training, the building that we were in actually wasn't allowed. We weren't allowed to bring in like CDs of anything except for text files.
We weren't allowed to bring in music or anything like that.
Using wire shark in a couple of plug ins, we brought in a wire shark capture of a download of an MP of MP three's and reconstituted those MP three's fromthe wire shirt captures so that we could have music to work on a lot of training.
I think I think I'm far enough away from training and I can't get in, get in trouble for that anymore. It was in the Navy, so I
hopefully they don't come looking for me for it.
So let's look at wire shark
where it starts again. It's a free tool. It's free download. You can just pull it from the website. Is Google wire shark? It will be your first result.
Now, when you pull it up, it's gonna have a bunch of information that's not really relevant to us right now. Just telling you kind of what it's working on. You're gonna select what you're gonna monitor on. In this case, I'm monitoring on what the V M believes is an Ethernet port.
There you go. So this window here that's gonna pop up is where you're gonna spend a lot of time. If you're doing network network analysis, their network administration. Now there's nothing here right now because there's no data being transferred. There's no communication happening yet,
So to fix that, we're gonna crack open our power shell again.
Got wire shark here and I'm gonna pull it to one side so that you can see what we're about to do.
It's moving very, very sluggishly. PM's air Great videos of great, but trying to do both at the same time to be a challenge. You see, that's gonna work.
All right, so we're monitoring over Ethernet now I'm gonna run a command called w get. And you don't really need to worry too much about whatever you get does. Basically what it does is it reaches out to a Web page and tries to pull that Web page back.
So we're just gonna try it with Google
and bam. You see Aton of information suddenly pop up? Where's your Because now we've got actual network communication happening so you can look at this. You're going to see all of this information, the source, the source. I'd be the destination I p protocol length.
And you can use this to analyze that network traffic and breaking apart. You can say OK, so this first thing, this D. N s look up, D. N s is the domain name service, so it's actually trying to evaluate what is www dot google dot com.
So it sends this message to the N S A to a d n a server. It gets the response it finds out with the I P addresses,
and it's able to actually use that to reach out to Google and find Google's I P.
Which is what you see here in this destination
again, this isn't a wire. Short classes just give you a brief demo of what? Using wire short looks like and how valuable tool it is to assist that mint.
Close it, in this case will choose to quit without saving very often. You want to save the data just because you're storing network information
All right, that was wire shark. Now the final tool in the one we're gonna do our final demo with is the Microsoft Management Council. Now this is again. This is one that I'm extremely extremely personally familiar with, because I used it from a Microsoft management. All of my system and work.
It's a tool that's built into Windows. It's been built into Windows since
Windows x p. It's been built in for a long time. What Microsoft Management Council does. It actually takes a bunch of the different management profile. So user management, network management, computer management, all the different things you need to do wantto on a machine or on a network. And it puts them into a single location as what we call as
snap ins or plug ins. Basically,
So we pull up an emcee,
run the command it's gonna ask to run
as an administrator,
which, for those who didn't know that already, the pop of the Windows now shows that you want to let it make changes. Your computer, that's all that's actually happening, is it's running is an administrator.
we got our council route.
What we're gonna do whenever we're trying to perform an action, we're gonna go to file, we're gonna add or remove a snap in,
which is their weird word for a plug in it all. It really is now on a local machine. What we're going to do today is we're gonna create a new user. So we've got local users and groups is one of our optional snap ins. We add it's gonna say local computer or another. So for managing across the network, we can use this to manage computer somewhere else. Right now, we're just gonna do local.
We see that. That's the only snapping we want right now.
Now we've got a new Now we've got this new option that we could mess with the local users and groups. We got users here,
and we've got the current listed users that exist. Guess, default account Administrator user. And this utility account
to create a new one will just right click hit new user.
with the full name of demonstration.
will create them a default password
Now, that should show up.
We've got a demo account. Now we can log out of this machine and log back in with that password.
So what I'm attempting to do right now is log out of the account that I created that with and log into the demo account to demonstrate it.
That is being very challenging because, of course,
VM czar, sometimes a nightmare.
in all of this and I'm just gonna project about all of this is a great
thing for people, people to see just because, you know, you may have to assign mentioned before kind of adapt. You know, it's a sys admin. Because a lot of things may go on your V m or whatever you're trying to do may not work properly. You kind of have to adjust it and keep moving forward. So you may have seen what can we talk
that under the user wanna hit user now? It actually had a second account available because Windows 10 is going to try and display all of its local accounts to you.
So we've got our demonstration account or default password
user's password must be changed. And now you have your normal experience with creating an account. So this is really all you have to do under the hood when you're doing systems administration
to create new users. Now, different people are gonna
different groups. We're gonna have different methodologies. They're gonna have different management systems. But I am a personal I'm an evangelist of the MMC because again it's built by windows. It's built into windows. It's just a phenomenal
and we created our new password.
There we go use your existing to be logged in now that process is very, very simple to do because of the fact these tools exist for Windows. That's something that has a sys admin. You're going to do it all the time. We talked about it being the first and last person Users meet. There you go. That's a great example.