Downloaded 50 times
Uploaded byMr Cracker
Wiretapping
This document discusses packet sniffing and network monitoring. It defines a sniffer as a tool that can capture and display network data in transit. It explains that sniffers work by putting network adapters in promiscuous mode to listen to all traffic, not just traffic addressed to that system. The document outlines different types of sniffing attacks and protocols that are vulnerable when not encrypted. It also provides examples of sniffer tools and ways to detect and protect against sniffing on a network, such as using encryption, static configurations, and intrusion detection systems.
More Related Content
![Sniffer[1]](https://cdn.slidesharecdn.com/ss_thumbnails/sniffer1-130223011055-phpapp02-thumbnail.jpg?width=640&height=640&fit=bounds)
![Getting Started with Apache Spark: Big Data Made Simple [Free Meetup]](https://cdn.slidesharecdn.com/ss_thumbnails/apachesparkgettingstarted-260203175547-8361bcc3-thumbnail.jpg?width=640&height=640&fit=bounds)
Wiretapping
- 1.
- 3. • Introduction • Whatis sniffer • Sniffing Threats • How a sniffer Work • Type of Sniffing • Protocol vulnerable to sniffing • Tools to Sniff Network Traffic • How to setup a Sniffing Attack • How to protect your self from Sniffing • Tools to detect sniffer on a network
- 4. Wire tapping isprocess of monitoring the Telephone and Internet conversation by third party. Type of Wiretapping
- 5. A Sniffer isa packet-capturing or frame-capturing tool. It basically captures and displays the data as it is being transmitted from host to host on the network.
- 7. A Sniffer turnsthe NIC of a system into Promiscuous(pro-mis-cu-os) mode so that it listen all the data transmitted on its segment. Sniffer can constantly Read all the information entering to the computer through NIC by Decoding the Information encapsulated in Data Packet.
- 8. There are Twotypes of Sniffing Attack Active Sniffing Passive Sniffing
- 9. “Passive Sniffing “meansniffing trough a Hub. Passive Sniffing Involves sending no packets, and Monitoring the Packets sent by others. But Hub Usage is Outdated today.
- 10. When Sniffing isperformed on a Switched network, is known as “Active Sniffing”. Active Sniffing Relies on Injecting Packets (ARP) into the Network, that Cause traffic.
- 11. Telnet and Rlogin HTTP SMTP NNTPPOP FTP IMAP Keystrokes including User Name & Passwords Data sent in clear text Password and data sent in clear text Password and data sent in clear text
- 12. SPAN Port isPort which is configure to Receive a Copy of Every Packet that passes through a Switch
- 13. Sniffing Tools WireShark TCP Dump Cain& Able Capsa
- 27. Restrict the physicalaccess to the network media to ensure that a packet sniffer cannot be installed Use Encryption to protect confidential information Permanently Add MAC address of the Gateway to ARP cache Use static IP Address and Static ARP tables to prevent attacker from adding the spoofed ARP entries for machines in the network
- 28. Turn off networkidentification broadcasts and if possible restrict the network to authorized users in order to protect network form being with sniffing tools Use UPv6 instead of IPv4 protocol Use encrypted session such as SSJ instead of Telnet, Secure Copy (SCP) instead of FTP, SSL for E-mail connection, etc. to protect wireless network users against sniffing attack.
- 29. Use Network Tools Suchas HP Performance insight to monitor the network for strange Packets Use IDS Detect Promiscuous Mode