Semester II Sniffing exercise 2012
Table of Contents
Requirements
I. Group
II. Plan
III. Analysis
IV. Design
V. Implementation
VI. Test
VII. LIVE DEMO
Sniffing exercise 1st of May 2012
Requirements:
1. Groups of 2-3
2. Plan
3. Analysis
4. Design
5. Implementation
6. Test
I. Group
Lucian, Victor, Flaviu
II. Plan
1. Block diagram
2. Sequence diagram
3. Find software to sniff traffic on another computer
4. Use Ettercap to intercept traffic on Lucian’s computer
5. Test: use Wireshark to check packets.
III. Analysis
Figure out what software to use. We decided to use Ettercap for ARP poisoning and Wireshark to see
packets.
IV. Design
For the design part, we came up with a block diagram and a sequence diagram. UML FTW!
They are attached below.
Figure 1: Block diagram. Lucian's and Morten's PCs are connected to the Internet through the wireless router. Meanwhile, the
Sniffer sits between the computer and the router, disguised as one of the other computers; that is how it can see
the traffic.
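How the disguise in Figure 1 looks from the defender's side, as an added example that is not part of the original report: in ARP poisoning the sniffer announces its own MAC for the router's and the victim's IP addresses, so a monitor that remembers the first MAC seen per IP can flag it. The function names and all addresses are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: (seconds, sender IP, sender MAC) from ARP replies.
SAMPLE_REPLIES = [
    (0.0, "192.168.1.1", "00:11:22:33:44:01"),    # wireless router
    (1.0, "192.168.1.10", "00:11:22:33:44:10"),   # monitored PC
    (2.0, "192.168.1.20", "00:11:22:33:44:20"),   # third host on the WLAN
    (30.0, "192.168.1.1", "00:11:22:33:44:20"),   # third host claims router IP
    (30.1, "192.168.1.10", "00:11:22:33:44:20"),  # ... and the PC's IP
    (31.0, "192.168.1.1", "00:11:22:33:44:01"),   # real router answers again
]


def find_arp_anomalies(replies):
    """Return findings as (kind, ip_or_ips, mac) tuples.

    rebind:   an IP is announced with a MAC other than the first one learned.
    multi_ip: one MAC has announced itself for more than one IP.
    """
    first_mac = {}                  # ip -> first MAC learned for that IP
    ips_by_mac = defaultdict(set)   # mac -> every IP it has claimed
    findings, seen = [], set()
    for _ts, ip, mac in sorted(replies):
        mac = mac.lower()
        known = first_mac.setdefault(ip, mac)
        if mac != known and (ip, mac) not in seen:
            seen.add((ip, mac))     # report each forged binding once
            findings.append(("rebind", ip, mac))
        ips_by_mac[mac].add(ip)
    for mac, ips in sorted(ips_by_mac.items()):
        if len(ips) > 1:
            findings.append(("multi_ip", tuple(sorted(ips)), mac))
    return findings


def suspect_macs(findings):
    """MACs that triggered both rules: the strongest poisoning signal."""
    rebinders = {mac for kind, _, mac in findings if kind == "rebind"}
    multi = {mac for kind, _, mac in findings if kind == "multi_ip"}
    return rebinders & multi


if __name__ == "__main__":
    results = find_arp_anomalies(SAMPLE_REPLIES)
    for finding in results:
        print(finding)
    print("suspect:", suspect_macs(results))
```

A DHCP lease change or a host with several addresses trips the same rules, so a hit is a reason to check the router's own view of the network, not proof on its own.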
V. Implementation
For the implementation part, we started working in Ettercap (fig. 2), solved the poisoning, and went
on to checking the packets that Lucian’s computer gets; for that we used Victor’s computer.
All information about what we have done with Ettercap can be found at:
http://openmaniak.com/ettercap_arp.php
We will not fill the document with all the steps needed to do this, as the documentation on the site above
is very precise and easy to go through. Below is a sneak peek of what the Ettercap interface looks like.
Figure 2: Ettercap interface; this is where you choose the interface on which you are sniffing
Figure 3: Scanning for hosts on the entire network
Setting the right filters on Wireshark, we were able to see that Lucian was sending messages on
Facebook to people who were not online. Yay. Proof in figure 4.
Figure 4: This is how Wireshark looks when it is sniffing the traffic on Lucian's computer. Here, the filters can also be seen.
VI. Test
For the testing, we are continuing to watch packets received by someone’s computer. It is working
(see figure 4 also).
VII. LIVE DEMO
In our next Networking class, we will show on the projector that our system works.