CSCI 530 Lab Packet Sniffing.


Scenarios
- You are a network administrator. You suspect that some of the employees are not working and are instead spending all their time at www.espn.com.
  - You could filter at the firewall for this address.
  - But you want to see what sites they are accessing, without their knowledge.
- You are a hacker. You have compromised a system. You are unable to gain access to other systems on the network. You want to get some usernames and passwords to access these systems.

Solution – Packet Sniffer
- A tool that captures, interprets, and stores network packets for analysis.
- Works at the Transport layer of the OSI 7-layer model (Layer 4), but some can work at the Network layer (Layer 3).
- Normal network traffic is based on the destination IP address.
  - Your network card will throw away any packets that are not intended for that card.
- In “Promiscuous Mode”, your network card will take all the packets on the network, regardless of the destination IP address.

Packet Sniffer Limitations
- Sniffers are limited by the network topology.
  - Cannot extend beyond normal network boundaries.
  - Cannot look past a router, switch, hub, etc.
- However, if you put a packet sniffer on a network backbone, then you will be able to see traffic bound between intranets.

Examples of Packet Sniffers
- Ethernet Sniffers
  - Wireshark (formerly known as Ethereal); you will be using this tool in the lab
  - DSniff
  - TCPDump
- Wireless Sniffers
  - Airopeek
- Bluetooth Sniffers
  - BlueSweep
  - BlueScanner

Defending against Sniffers
- Change your network topology
  - Part of your lab research: find out which topology and/or device is most protective against sniffers
- Encryption
  - SSH
  - IPSec
- Detect sniffers
  - Antisniff, from the l0pht group
  - Snort: normally for intrusion detection, but will also attempt to detect a host working in promiscuous mode
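
A local check for the promiscuous-mode state described on the "Solution" and "Defending against Sniffers" slides, as an added example that is not part of the original slides. It assumes a Linux host, where the kernel exposes each interface's flag word in /sys/class/net/<iface>/flags and bit 0x100 (IFF_PROMISC) is set while the card accepts all frames; the `expected` allowlist and the name `mon0` are hypothetical, and bridge ports are treated as expected because the Linux bridge puts its member ports into promiscuous mode.

```python
import os

IFF_PROMISC = 0x100  # flag bit: interface accepts all frames, not only its own


def read_flags(iface_dir):
    """Return the interface flag word from sysfs, or None if it cannot be read."""
    try:
        with open(os.path.join(iface_dir, "flags")) as fh:
            return int(fh.read().strip(), 16)  # file content looks like "0x1103"
    except (OSError, ValueError):
        return None


def audit_promiscuous(sysfs_root="/sys/class/net", expected=()):
    """Classify every interface under sysfs_root.

    Returns a sorted list of (name, status); status is one of
    'normal', 'promiscuous', 'promiscuous-expected', 'unreadable'.
    `expected` is an assumed allowlist of sensor/capture interfaces.
    """
    results = []
    for name in sorted(os.listdir(sysfs_root)):
        iface_dir = os.path.join(sysfs_root, name)
        if not os.path.isdir(iface_dir):
            continue  # skip plain files such as bonding_masters
        flags = read_flags(iface_dir)
        if flags is None:
            status = "unreadable"
        elif not flags & IFF_PROMISC:
            status = "normal"
        elif name in expected or os.path.isdir(os.path.join(iface_dir, "brport")):
            status = "promiscuous-expected"  # allowlisted, or a bridge member port
        else:
            status = "promiscuous"
        results.append((name, status))
    return results


def unexpected(results):
    """Names of interfaces that are promiscuous with no known reason."""
    return [name for name, status in results if status == "promiscuous"]


if __name__ == "__main__":
    for name, status in audit_promiscuous(expected={"mon0"}):
        print(f"{name:16} {status}")
```

This audits only the host it runs on; it says nothing about other machines on the segment.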

Lab Assignment
- Handout has been posted.
- DEN students:
  - This lab can be done on a home machine (I advise against doing it at work).
  - The DEN lab will be set up next week. You will receive an e-mail with your login by next week.
  - Lab assignment is DUE on 9/25/06 by 11:59:59 PM, FOR DEN STUDENTS ONLY.
- All other students: this lab is to be done during next week’s (9/18) lab section and is due before the following week’s (9/25) lab section.

Lab Assignment Continued
- Submission guidelines
  - E-mail the answers to the questions at the end of the handout by the due date.
  - Attach as a text file, .doc, or .pdf.
  - Submit to YOUR LAB T.A. ONLY.
  - Subject line must say: CSCI 530 Lab 3 <section day & time>, where <section day & time> is replaced with your day & time.
  - Example: CSCI 530 Lab 3 Friday 12:30
- We do not send confirmation e-mails. If you request a read receipt or a return receipt, we will say yes and you will get a confirmation.