1
00:00:01,440 --> 00:00:09,150
In this lecture I will explain how to use the TCB replay command to replay pick up files in order to

2
00:00:09,150 --> 00:00:17,370
simulate network traffic that will be captured so TV replay is a suite of free open source utilities

3
00:00:17,730 --> 00:00:25,080
for editing and replaying previously captured network traffic and it is originally designed to replay

4
00:00:25,350 --> 00:00:30,240
malicious traffic by turns to intrusion detection and prevention systems.

5
00:00:31,050 --> 00:00:45,660
So now I will open the terminal later and go to this path slash opt slash symbols and then if I list

6
00:00:45,780 --> 00:00:57,960
the files in this folder we see a lot of pick up files that can we use as symbols with the TCB really

7
00:00:57,990 --> 00:01:07,630
a comment in order to simulate network traffic or clearly malicious network traffic.

8
00:01:07,630 --> 00:01:15,910
And also we have other symbols in the sub folders like the Markov or MTA and other supporters.

9
00:01:15,910 --> 00:01:27,640
Now I have to run this command with the route privilege so sudo then I will run on the pick up files

10
00:01:27,640 --> 00:01:31,190
in in this folder using the STAR dot pickup.

11
00:01:34,150 --> 00:01:43,360
And I have to use the comments so TCB replay and then I have to choose which switch interface I will

12
00:01:43,450 --> 00:01:49,160
really the traffic into so I will use the AI option.

13
00:01:49,480 --> 00:01:53,620
Then the Ethernet one interface.

14
00:01:55,920 --> 00:02:09,180
And I also might have to specify the speed that I will run D or similar the network traffic to use using

15
00:02:10,140 --> 00:02:21,420
the capital M option and I have specified the speed to be 100 megabytes and also I can use the B B option

16
00:02:21,900 --> 00:02:26,910
in order to specify the number of packets that I will use.

17
00:02:26,940 --> 00:02:38,990
So now I will execute the TCB really comment and I will hit enter and I will enter my password.

18
00:02:39,440 --> 00:02:42,590
We see now that the packets

19
00:02:45,590 --> 00:02:46,340
are being

20
00:02:48,870 --> 00:03:01,680
replaced so now we see that the number of the attempt packets is about fifty five thousand packets and

21
00:03:01,680 --> 00:03:11,400
the successful packets or the number of the successful packets is less than that slightly so and this

22
00:03:11,880 --> 00:03:13,930
is the number of the failed packets.

23
00:03:14,080 --> 00:03:25,420
So now this means that we have successfully executed the DCP replay comment and in the next lecture

24
00:03:26,560 --> 00:03:38,830
I will show to you how to download more samples of these backup files in order to simulate other attacks

25
00:03:38,890 --> 00:03:50,590
or a malicious traffic that you might need to analyse and also after that we will explain how to use

26
00:03:50,770 --> 00:03:59,080
Isa and signal to analyse these network traffic.