The Main Event Battle Of the Sniffers. ● The Champion – Ethereal: Network Analyzer ● The Challenger – Ettercap: Network Security Suite.

Presentation transcript:


A look at Ettercap ● Ettercap: Features – Packet Sniffing ● Unified Sniffing ● Bridged Sniffing – Logging – Real Time Data Views ● Live Connections / Man-in-the-Middle

A look at Ettercap ● Ettercap: Requirements ● Unix Based OS ● Windows NT/2000/Server 2003 ● Libraries – libpcap 0.81 or higher – libnet or higher – libpthread – zlib – Optional: GTK+, Ncurses, OpenSSL

A look at Ettercap ● Ettercap: Installation – Website Download Available at: ● – Linux Installation ● Decompress using tar/gzip ● ./configure.sh ● make ● make install

A look at Ettercap ● Ettercap: The GUI – Ncurses GUI ● Main Window

Using Ettercap ● Getting ready to sniff – Select ”Sniff” – Select ”Unified Sniffing”

Using Ettercap ● Sniffing Screen

Using Ettercap ● Performing the Sniff – Select ”Start” – Select ”Start Sniffing” – Press ”ENTER” – Stop the Sniff by selecting ”Stop Sniffing”

Using Ettercap ● Features While Sniffing: – Statistics. – Select ”View” then ”Statistics” – Results updated in real time.

Using Ettercap ● Features While Sniffing: – Connection View – Select ”View” then ”Connections” – Results updated in real time.

Using Ettercap ● Features While Sniffing: – Connection Details – Choose a connection in the Live Connections list and press ”ENTER” – Results updated in real time.

Using Ettercap ● More Features: – Host Scanning and targeting. – Plug-In System. – Logging. – Inject Information

The Sniffing Experiment ● Three Trials – HTTP Request / Response – Secure HTTP Request / Response – FTP Transaction ● Testing Platform – Pentium 3 Linux Computer – Fedora Core 2

First Trial: HTTP Transaction ● Website: ● Ethereal – Showed very detailed information about each packet. – Setup of Connection – Request / Response – Closure of Connection – Also showed every packet that was used in the transaction.

First Trial: HTTP Transaction ● Ethereal

First Trial: HTTP Transaction ● Ettercap – Successful in sniffing the request and response. – But Ettercap would only sniff the payload. – Doesn't capture packet information. – Indications of timed caching of information. ● Due to this, it would sometimes erase the information.

First Trial: HTTP Transaction ● Ettercap

Second Trial: HTTPS Transaction ● Web Site: CIBC Kaleem's Bank Account

Second Trial: HTTPS Transaction ● Both sniffers were unable to show the plaintext. – 128-Bit Encryption at work. – Ettercap does have a feature to allow it to give a fake certificate for an attack but the environment was not ideal. ● However, Ethereal recognized the public key used.

Second Trial: HTTPS Transaction ● Ethereal

Second Trial: HTTPS Transaction ● Ettercap

Third Trial: FTP Transaction ● An FTP login was performed on ftp.kmaxmedia.com. This included a username and password. ● Both sniffers were able to successfully get the username and password information, but the presentation of the information was different. ● Information was more readable in Ettercap.

Third Trial: FTP Transaction ● Ethereal

Third Trial: FTP Transaction ● Ettercap
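An added example (not part of the original slides) showing why the second and third trials came out differently: an audit helper that flags FTP control-channel payloads carrying `USER`/`PASS` in cleartext and recognizes TLS records as opaque. The flow dictionaries, function names and sample bytes are constructed for illustration.

```python
import re

# Constructed client-to-server payloads (not captured traffic).
SAMPLE_FLOWS = [
    {"dst_port": 21, "payload": b"USER demo_user\r\nPASS demo_pass123\r\n"},
    {"dst_port": 443, "payload": bytes([0x16, 0x03, 0x01, 0x00, 0x05]) + b"\x01\x00\x00\x01\x00"},
    {"dst_port": 80, "payload": b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"},
]

# FTP sends commands as plain text lines on the control channel.
FTP_CMD = re.compile(rb"^(USER|PASS)[ \t]+(.*?)\r?$", re.I | re.M)
TLS_CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                     22: "handshake", 23: "application_data"}


def looks_like_tls(payload):
    """Check the 5-byte TLS record header: type, version 0x03xx, length."""
    if len(payload) < 5 or payload[0] not in TLS_CONTENT_TYPES or payload[1] != 0x03:
        return False
    length = int.from_bytes(payload[3:5], "big")
    return 0 < length <= 2**14 + 2048  # upper bound on a TLS record body


def audit_flow(flow):
    """Classify one payload; the password is never echoed, only its length."""
    payload, port = flow["payload"], flow["dst_port"]
    if looks_like_tls(payload):
        return {"port": port, "finding": "encrypted",
                "detail": TLS_CONTENT_TYPES[payload[0]]}
    creds = {m.group(1).upper().decode(): m.group(2)
             for m in FTP_CMD.finditer(payload)}
    if "PASS" in creds:
        user = creds.get("USER", b"?").decode(errors="replace")
        detail = f"user={user} password=<redacted, {len(creds['PASS'])} bytes>"
        return {"port": port, "finding": "cleartext-credentials", "detail": detail}
    return {"port": port, "finding": "cleartext-no-credentials", "detail": ""}


if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        print(audit_flow(flow))
```

Any service that produces a `cleartext-credentials` finding is exposing logins to every sniffer on the path, which is the case for moving it to a TLS-protected protocol.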

The Battle: Some Observations ● During the Sniffing ● Ethereal would only show statistics on the type of packets sniffed, while Ettercap would show statistics, profiles, connections and more in real time. ● Ettercap would notify the user in the user messages section the minute any personal authentication information was heard on the wire.

The Battle: Some Observations ● Extras ● Ethereal ● Thorough information of packets. ● Broad support for most protocols. ● Filtering features to help organize packets. ● Can read capture logs from over 20 programs. ● Ettercap ● Real time information delivered while sniffing. ● A sniffer with weaponry. ● Custom plugin support.

The Verdict ● Ethereal ● Best suited for packet analysis. ● Ettercap ● Best suited to test security of a network. – Supplies the user with a variety of tools. ● Plugins ● Bridged Sniffing ● Attacks ● Not just a sniffer.

Ettercap: Pros and Cons ● Pros – Very, very powerful tool. – Easy to use GUI interface. – Real Time Information while sniffing. – Ability to perform attacks easily. ● Cons – Can be difficult to compile for Windows. – Curses GUI not too stable. Overlaps tables. – More documentation could be useful.

The Conclusion ● ”With the dust settling in the battle of the sniffers, the new Ettercap proved to be a worthy foe against Ethereal possessing immense manipulating power which can change a network’s environment. However, it still needs time to develop itself into a robust, dependable and a mature tool like Ethereal. ” – Kaleem Maxwell