
I'm learning how to develop tests for a hardened server my company is developing for a client. The test configuration will consist of the test target (the server we're developing) and an external test laptop, which I'll use to run some test scripts. The test laptop and the server will both be running Ubuntu 22.04 LTS.

Using Kali Linux in a VirtualBox VM on the test laptop, I need to analyze packets transferred between the test laptop and the target server. I've been using Learning Kali Linux (an O'Reilly textbook) and this resource to build a simple environment in which I can accomplish this, but have reached a dead end. (FYI, this material is incredibly new to me—I don't have a security background and am learning as I go.)

When I configure the network of the Kali Linux VM to be NAT, I can successfully ping the IP addresses of the target server and the host laptop from the Kali Linux VM. I can also successfully ping the host laptop from the target server, and vice versa. But when I execute the tcpdump port 22 command in the VM, then perform an scp from the target server to the host laptop, I see no packet data in the Kali Linux shell. Similarly, if I run tcpdump -i any in Kali Linux, I do get a stream, but it's a very slow trickle. Conversely, when I execute the same command on the host laptop outside of the VM, I get a healthy flow of info.

Then, when I configure the network of the Kali Linux VM to be a Host-Only Adapter, all of the devices can ping each other (makes sense to me because they share a network now). When I execute tcpdump port 22 and attempt to scp from server to host, I get packet data this time. Great! Except, the scp fails to complete. I don't get an error message in the Bash window of the server where I executed scp though—it appears to get 'hung up' and never completes. I have to kill the process.

Even after I shut down the Kali Linux VM this remains true: scp fails to complete. Interestingly, when I run ifconfig on the test laptop I can see that the Host-Only Adapter VirtualBox created still persists. If I reboot the host, the network disappears, and I can once again successfully scp from the target server to the host. I now suspect this is a networking issue that I fail to grasp.

Can anyone offer some help with this problem?
