Network Security: Lab#4-2 Packet Sniffers J. H. Wang Dec. 2, 2013.


1 Network Security: Lab#4-2 Packet Sniffers J. H. Wang Dec. 2, 2013

2 Objectives
To learn to use packet sniffers
– Tcpdump/WinDump
– Wireshark (formerly Ethereal)
– Cain and Abel

3 Packages Used in this Lab
Packages
– tcpdump/WinDump
– Wireshark
– Cain and Abel

4 Experiment Scenario
To test the basic functions of a packet sniffer
– Dump packets
– Check packet details: IP, port, protocol, …
– Packet statistics
To test the vulnerability of some protocols
– Use FTP to log in and transfer files
– Use sftp to log in and transfer files

5 Packet Sniffers
– tcpdump/WinDump
– Wireshark
– Cain and Abel
– ettercap

6 tcpdump
Homepage: http://www.tcpdump.org/
Current version (for Linux):
– tcpdump 4.5.1: a powerful command-line packet analyzer
– libpcap 1.5.1: a C/C++ library for network traffic capture
For Windows:
– WinDump 3.9.5: http://www.winpcap.org/windump/ (Windows version of tcpdump)
– WinPcap 4.1.3: http://www.winpcap.org/ (Windows version of libpcap)
  – A driver for low-level network access
  – A library for low-level network analysis

7 Example Commands
To display all network adapters
– WinDump -D
To listen to all traffic in network adapter #1
– WinDump -i 1
To listen to all traffic with source or destination port number 80
– WinDump -i 1 port 80
To dump all captured packets in file
– WinDump -r

8 Wireshark
Homepage: http://www.wireshark.org/
Latest version: 1.10.3 (formerly Ethereal)
Also includes the latest WinPcap library

9 Example Usage for Wireshark
To display all network interfaces
– Choose [Capture/Interfaces]
To start capturing packets
– Click [Start]
To stop capturing packets
– [Capture/Stop]

10 To display statistics about packets
– [Statistics/Summary]
– [Statistics/Protocol Hierarchy]
– [Statistics/Endpoints]
– [Statistics/IO Graphs]
– [Statistics/Flow Graph]
– [Statistics/WLAN Traffic]

11 Cain and Abel
Homepage: http://www.oxid.it/cain.html
Version: 4.9.47
A “password recovery tool” for Microsoft operating systems
– Using dictionary, brute-force, cryptanalysis attacks
A packet sniffer
Man-in-the-middle attack using ARP spoofing
Installation steps
– Cain and Abel
– WinPcap 4.1.2 library for packet capturing

12 Packet sniffer
– [Configure]: to select the network adapter
– [Filters and Ports]: to select the ports to be monitored
– Right click on sniffer, then [Scan MAC Address]
– ARP Poison Routing (APR)

13 ettercap
Homepage: http://ettercap.sourceforge.net/
Version: 0.8.0-Lacassagne
Platforms: Linux/FreeBSD/Mac OS X/Windows XP/Solaris
Man-in-the-middle attack using ARP spoofing
It uses libpcap library
Installation

14 Another Usage of Packet Sniffer: Vulnerability of FTP
First, open the packet sniffer
Second, use FTP to log in
– Under [Start], type “cmd”
– ftp 140.124.13.2
– Type in username & password
– bye
Then, check the username and password in packet sniffer

15 Example for sftp
First, open the packet sniffer
Second, use psftp to log in and transfer files
– Start “psftp”
– open 140.124.13.2
– Type in username & password
– bye
Then, check the username and password in packet sniffer
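
Added example (not part of the original slides): a short audit script showing what the FTP and sftp exercises above reveal in a capture. It runs over constructed control-channel payloads; the sample usernames, passwords, SSH banner and all function names are assumptions made for illustration.

```python
import re

# Constructed sample: (server port, TCP payload) as a sniffer would show them.
SAMPLE_SEGMENTS = [
    (21, b"220 FTP server ready\r\n"),
    (21, b"USER student\r\n"),
    (21, b"PASS example-password\r\n"),
    (22, b"SSH-2.0-OpenSSH_6.4\r\n"),                  # cleartext version banner
    (22, bytes([0x8F, 0x1C, 0xA3, 0x07, 0xE2, 0x5B])),  # stands in for encrypted data
    (110, b"USER student\r\n"),
    (110, b"PASS example-password\r\n"),
]

# FTP and POP3 both authenticate with plain USER/PASS command lines.
AUTH_CMD = re.compile(rb"^(USER|PASS)\s+(.*?)\r?\n", re.IGNORECASE)
CLEARTEXT_PORTS = {21: "FTP", 110: "POP3"}

def audit(segments):
    """Return (protocol, port, command, value) for each cleartext login command."""
    findings = []
    for port, payload in segments:
        proto = CLEARTEXT_PORTS.get(port)
        match = AUTH_CMD.match(payload) if proto else None
        if match:
            cmd = match.group(1).decode().upper()
            value = match.group(2).decode(errors="replace")
            # Report that a password was visible, never the password itself.
            findings.append((proto, port, cmd, value if cmd == "USER" else "<redacted>"))
    return findings

def exposed_protocols(segments):
    """Protocols in which a PASS command crossed the wire unencrypted."""
    return sorted({f[0] for f in audit(segments) if f[2] == "PASS"})

def visible_text(segments, port):
    """Payloads on a port that are fully printable ASCII, i.e. readable as-is."""
    readable = []
    for seg_port, payload in segments:
        if seg_port == port and all(32 <= b < 127 or b in (10, 13) for b in payload):
            readable.append(payload.decode("ascii").strip())
    return readable

if __name__ == "__main__":
    for finding in audit(SAMPLE_SEGMENTS):
        print("cleartext credential command:", finding)
    print("protocols exposing passwords:", exposed_protocols(SAMPLE_SEGMENTS))
    print("readable on port 22:", visible_text(SAMPLE_SEGMENTS, 22))
```

On the SSH port only the version banner is readable; the login itself never appears as text, which is the contrast the two exercises are meant to show.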

16 Other Examples
You can also check the vulnerability for the following protocols
– Telnet vs. ssh
– SMTP vs. SMTPS (with SSL) or SMTPAuth
– POP3
– …

17 Summary
Packet sniffer
– tcpdump/WinDump
– Wireshark
– Cain & Abel
– Ettercap
Vulnerability of protocols
– FTP

