1
00:00:00,330 --> 00:00:08,340
Now, if you want to capture the traffic of XDR requests or a specific protocol, you can provide

2
00:00:08,340 --> 00:00:09,060
the protocol here.

3
00:00:09,360 --> 00:00:15,420
So if I typed TB in my case, as you can see, actually TB as TB to actually TB three, but in my case,

4
00:00:15,420 --> 00:00:16,530
I will actually be.

5
00:00:16,890 --> 00:00:18,480
And you can see there are nothing for.

6
00:00:18,660 --> 00:00:28,320
So if I open my browser here sorry, my terminal and if I can actually TB as Google dotcom.

7
00:00:29,990 --> 00:00:33,450
You can see it will not show anything because it is actually HTTPS.

8
00:00:33,750 --> 00:00:38,000
Now, if I take care of it, by the way, here it is, the curl.

9
00:00:38,390 --> 00:00:43,680
So actually, this is to, if I could man curl, this is to transfer a URL.

10
00:00:43,700 --> 00:00:46,900
It is a tool to transfer data from or to a server.

11
00:00:47,030 --> 00:00:53,390
OK, and this is used with specific protocols like FGB of TB.

12
00:00:54,290 --> 00:00:56,690
FTB, I mean, I activist, whatever.

13
00:00:56,950 --> 00:01:03,090
OK, so this time it will be Kirkeby it like that.

14
00:01:03,110 --> 00:01:03,970
Oh cool.

15
00:01:04,160 --> 00:01:04,900
You can see that.

16
00:01:04,910 --> 00:01:05,330
Yeah.

17
00:01:05,510 --> 00:01:11,570
The source, it is coming from my machine, which is this IP, and it is going to the destination, which is

18
00:01:11,570 --> 00:01:13,270
the public IP of Google.

19
00:01:13,700 --> 00:01:18,040
And now it is coming from as you can see this is the earnings or the information.

20
00:01:18,320 --> 00:01:19,010
Here it is.

21
00:01:19,010 --> 00:01:25,910
GET / HTTP version 1.1, and we got the response, which is this one.

22
00:01:25,910 --> 00:01:28,730
The tool, the response is the source.

23
00:01:28,730 --> 00:01:34,820
You can see that the source here is coming from google.com and going to our destination, which is

24
00:01:34,820 --> 00:01:35,750
my IP address.

25
00:01:35,960 --> 00:01:42,620
And the protocol is actually as we put in the filter and here you can see it will show us that it is

26
00:01:42,620 --> 00:01:44,000
moved permanently or whatever.

27
00:01:44,030 --> 00:01:47,300
OK, now this is the same thing for DNS.

28
00:01:47,300 --> 00:01:54,620
You can type DNS and you can, but also all the DNS requests or packets.

29
00:01:54,860 --> 00:02:00,230
So you can see that here we are going to somewhere or whatever data we are receiving.

30
00:02:00,720 --> 00:02:01,160
Right.

31
00:02:02,180 --> 00:02:07,410
The same thing for you to be asked, by the way, but you can see that actually that's not what goes

32
00:02:07,520 --> 00:02:08,510
up here.

33
00:02:08,520 --> 00:02:12,470
It would work if we type or else get the elastic.

34
00:02:13,220 --> 00:02:16,010
OK, so the same thing.

35
00:02:16,280 --> 00:02:16,960
All right, cool.