Presentation is loading. Please wait.

Presentation is loading. Please wait.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Published byMarcus Heath Modified over 9 years ago

Similar presentations

Presentation on theme: "Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication."— Presentation transcript:

1 Packet Analyzers, a Threat to Network Security

2 Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication protocols How packet analyzers work Who uses packet analyzers

3 Agenda (Continued) What devices packet analyzers can run on How to detect packet analyzers How to protect against packet analyzers End user awareness Conclusion Questions

4 Introduction Is confidential information that is sent out across the network only viewable by the sender and its recipient(s)? Networking standards were designed for compatibility and ease of use Security was not a major issue

5 Packet Analyzer Background A packet analyzer is a tool whose intended purpose was to help network administrators troubleshoot and diagnose their local area networks Packet analyzers can also fall into the wrong hands for malicious purposes

6 LAN Technologies & Network Protocols LAN technologies Shared mediums Ethernet Most common technology today Operates at various speeds and mediums

7 LAN Technologies & Network Protocols (Continued) Network protocols Protocols are a set of rules each machine must follow in order to communicate TCP/IP Most commonly used protocol in corporate networks The only protocol used on the Internet

8 LAN Technologies & Network Protocols (Continued) Network communications Everybody on a repeated network sees the same transmitted data It is the responsibility of the stations to ignore data that is not intended for them (honor system)

9 LAN Technologies & Network Protocols (Continued) Switches reduce the amount of stations that can view the same transmitted data Tries to keep track of where stations are located so it can direct data only to its intended recipient If the switch does not know where to send the data, it is forced to send it to everyone Routers never broadcast data Will only send data directly to a machine or another router

10 Communication Protocols Insecure communication protocols FTP (file transfer protocol) HTTP (hyper-text transfer protocol) SMTP (simple mail transfer protocol) POP (post office protocol) IMAP (internet message access protocol) Telnet SNMP (simple network management protocol)

11 Communication Protocols (Continued) Secure communication protocols FTPS- secure FTP HTTPS- secure HTTP No secure SMTP, POP, or IMAP PGP (Pretty Good Privacy) - encrypts message within SMTP, POP, or IMAP SSH (secure shell) - answer to secure Telnet

12 How Packet Analyzers Work Can be installed on numerous operating systems or can be dedicated hardware Run under promiscuous mode Can define filters to only capture wanted data Converts binary data into a comprehensible format Can only convert clear text Similar to a wire tap performed on phone lines

13 How Packet Analyzers Work (Continued) Ethereal (http://www.ethereal.com)

14 How Packet Analyzers Work (Continued) Iris (http://www.eeye.com/html/Products/Iris)

15 Who Uses Packet Analyzers Network administrators Troubleshoot and diagnose the network Intrusion detection Network intruders Gather sensitive data Monitor web browsing, email, or instant message communication

16 Who Uses Packet Analyzers (Continued) The U.S. government Crime prevention Carnivore Can capture all network traffic of a particular user or IP Installed at suspect’s ISP The USA PATRIOT Act has reduced restrictions previously placed on Carnivore U.S. attorney or state attorney general can order the installation of Carnivore without going to court Law enforcement agents can get blank warrants

17 What Packet Analyzers Can Run On Can be installed on desktops, laptops, and PDA’s (personal digital assistants) Can be purchased or downloaded for free Can work on any type of network as long as the hardware and software support it, including wireless networks

18 What Packet Analyzers Can Run On (Continued) Small size of PDA’s and palm-sized laptops allow packet analyzers to fit in a shirt pocket

19 How to Detect Packet Analyzers Packet analyzers do not transmit data, making detection difficult Other network-based applications may give away its presence, email, web browser, ARP (address resolution protocol), DNS (domain name service) Network administrator can ‘trick’ the network analyzer to reply Specialized programs to detect network analyzers AntiSniff, CPM (check promiscuous mode), neped, sentinel, and ifstatus

20 How to Protect Against Packet Analyzers Intrusion detection/prevention system When possible, restrict network access by hardware address Disable unused ports Disable port mirroring when not in use Password protect networking devices (don’t use default passwords) Only use secure operating systems that prevent end users from installing packet analyzers (Windows NT- based, Linux, or UNIX) Virus scanners to detect malicious packet analyzing software

21 End User Awareness Know what information is sensitive and how to make sure transmission methods are secure Example: use HTTPS for online banking/shopping Look at alternative methods of transmittal Example: Using SSH instead of Telnet Know network administrators can be using packet analyzers to monitor you Don’t do anything you shouldn’t at work!!!

22 Conclusion When computers communicate over networks, their communication is at risk of being intercepted and monitored by packet analyzers. A packet analyzer can capture sensitive data, such as credit card numbers, usernames, or passwords. It is important to be protected against network intrusions, as well as be aware of how secure one’s network communication is.

23 Questions

Download ppt "Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication."

Similar presentations

Computer networks SATISH MISHRA,PGT CS,KV TRIMULGHERRY.

Computer networks SATISH MISHRA,PGT CS,KV TRIMULGHERRY.
1 Eastern Michigan University Asad Khailany, Eastern Michigan University Dmitri Bagatelia, Eastern Michigan University Wafa Khorsheed, Eastern Michigan.

1 Eastern Michigan University Asad Khailany, Eastern Michigan University Dmitri Bagatelia, Eastern Michigan University Wafa Khorsheed, Eastern Michigan.
IS 247 Introduction to Web Application Development Tim Wu.

IS 247 Introduction to Web Application Development Tim Wu.
Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.

Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.
The Internet Useful Definitions and Concepts About the Internet.

The Internet Useful Definitions and Concepts About the Internet.
Internet…issues Managing the Internet

Internet…issues Managing the Internet
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –

Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.
Chapter Overview TCP/IP Protocols IP Addressing.

Chapter Overview TCP/IP Protocols IP Addressing.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.

Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
Forensic and Investigative Accounting

Forensic and Investigative Accounting
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 IT Essentials PC Hardware and Software 4.1 Instructional Resource Chapter.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 IT Essentials PC Hardware and Software 4.1 Instructional Resource Chapter.
JMU GenCyber Boot Camp Summer, 2015. Network Sniffing Sometimes it is possible observe/record traffic traveling on a network Network traffic may contain.

JMU GenCyber Boot Camp Summer, Network Sniffing Sometimes it is possible observe/record traffic traveling on a network Network traffic may contain.
CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.

CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.
Hands-On Microsoft Windows Server 2003 Networking Chapter Three TCP/IP Architecture.

Hands-On Microsoft Windows Server 2003 Networking Chapter Three TCP/IP Architecture.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.

Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.
Syllabus outcomes 5.2.1 Describes and applies problem-solving processes when creating solutions. 5.2.2 Designs, produces and evaluates appropriate solutions.

Syllabus outcomes Describes and applies problem-solving processes when creating solutions Designs, produces and evaluates appropriate solutions.

Similar presentations

Ads by Google