Part 2: Basic Iftop Usage With Linux Lite

Iftop is simple enough to use and provides useful information about what's going on with your Wi-Fi interface. To run a basic scan of your Wi-Fi interface you will need the name of your interface, which is listed in Connection Information on your Linux Lite desktop. Run the command as follows:

sudo iftop -p -b -i yourinterfacename

Here -p enables promiscuous mode, -b turns off the default bar graph at the top of the display, and -i is followed by your interface name.

In the scan result below, MS Edge (dev) is running, and you can see many results that reflect the many connections on that channel, including the router. What interests me is the 224.0.0.251 connection named Express.lan. This is a multicast, or mDNS, connection running to a plasma TV that uses an older plug-in Roku device.

By keying in Shift + d while the scan is running, I can display the destination port type and/or the name of the running service. You can see below that this computer is scanning the mDNS device. You can also see that, other than the router, the connections are all HTTPS. I already know that the akamaitechnologies connection is to a server/server farm commonly used by Microsoft.

To see the source port, key in Shift + s.

Below are some links to look up IP addresses and the IANA port registry:

https://ip-address-lookup-v4.com/

https://who.is/

https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml

My concern here is simple. It is important to keep your home Wi-Fi secure. Don’t give out your password freely.

https://kb.iweb.com/hc/en-us/articles/360005117952-Guide-to-Multicast-DNS-mDNS-security-issues

https://book.hacktricks.xyz/pentesting/5353-udp-multicast-dns-mdns

https://book.hacktricks.xyz/pentesting/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks

https://securityaffairs.co/wordpress/35607/hacking/mdns-amplify-ddos-attack.html

Understand that a bad actor inside your local network can easily build an mDNS-connected application to obtain data that can even include your Windows users' passwords and beyond.
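To see which hosts on your own network send the mDNS traffic that iftop shows going to 224.0.0.251, and which names they ask for or announce, a receive-only listener is enough. The Python script below is an added example, not part of the original post; its function names and the SAMPLE message are constructed for illustration, and it assumes Linux with the kernel choosing the multicast interface.

```python
import socket, struct

GROUP, PORT = "224.0.0.251", 5353      # mDNS multicast group and UDP port
# Constructed sample: an mDNS response with A and TXT records for "Express.local".
SAMPLE = (struct.pack("!6H", 0, 0x8400, 0, 2, 0, 0) + b"\x07Express\x05local\x00"
          + struct.pack("!2HIH", 1, 1, 120, 4) + bytes([192, 168, 1, 50])
          + b"\xc0\x0c" + struct.pack("!2HIH", 16, 1, 120, 1) + b"\x00")

def read_name(msg, off):
    """Decode the DNS name at off; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while off < len(msg) and hops < 16:
        n = msg[off]
        if n & 0xC0 == 0xC0 and off + 1 < len(msg):    # compression pointer
            end = off + 2 if end is None else end
            off, hops = ((n & 0x3F) << 8) | msg[off + 1], hops + 1
        elif n == 0:                                   # root label ends the name
            return ".".join(labels), (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("utf-8", "replace"))
            off += 1 + n
    raise ValueError("truncated or looping name")

def summarize(msg):
    """Return (is_response, names asked for, names announced) for one message."""
    _id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    off, asked, announced = 12, [], []
    for i in range(qd + an + ns + ar):                 # questions come first
        name, off = read_name(msg, off)
        (asked if i < qd else announced).append(name)
        # A question has 4 fixed bytes; a record has 10 plus its RDATA length.
        off += 4 if i < qd else 10 + struct.unpack("!H", msg[off + 8:off + 10])[0]
    return bool(flags & 0x8000), asked, announced

def listen(seconds=30):
    """Receive only: join the mDNS group and print what each LAN host sends."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("", PORT))
    s.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP,
                 socket.inet_aton(GROUP) + bytes(4))   # kernel picks the interface
    s.settimeout(seconds)                              # stop after this much silence
    while True:
        try:
            data, (src, _port) = s.recvfrom(9000)
            print(src, summarize(data))
        except socket.timeout:
            return
        except (ValueError, struct.error) as err:
            print("malformed message:", err)
```

Calling listen() prints one line per mDNS message with the sender's IP address, so a device you do not recognize that announces names on your network stands out.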


