
Slide 1

Types of Attacks

ATTACKS ON DATA IN TRANSIT
• Spoofing/Poisoning
• Pharming
• Man in the Middle
• Replay
• Denial of Service (DoS)
• Distributed DoS
• Smurf
• Scanners & Sniffers

ATTACKS VIA EMAIL & OTHER COMMUNICATIONS
• Spam
• Phishing

OTHER ATTACKS
• Privilege Escalation
• Transitive Access
• Client-side Attacks
Slide 2

Sniffing
• A sniffer is an application or device that can read, monitor, and capture network data and packets.
• Sniffing is eavesdropping on the network.
• The objective of sniffing is to steal:
  - Passwords (from e-mail, the Web, SMB, FTP, SQL or Telnet)
  - Email text
  - Files in transfer (email files, FTP files, or SMB)
  - Chat sessions
  - DNS queries
Slide 3
Sniffing Threats
Slide 4
Protocols Vulnerable to Sniffing

Protocols that are susceptible to sniffers include:

• Telnet & Rlogin: Keystrokes including user names and passwords
• HTTP: Data sent in clear text
• SMTP: Passwords and data sent in clear text
• NNTP: Passwords and data sent in clear text
• POP: Passwords and data sent in clear text
• FTP: Passwords and data sent in clear text
• IMAP: Passwords and data sent in clear text
Slide 5

• Tie to Data Link Layer in OSI Model


Slide 6
Types of Sniffing
Slide 7
Passive Sniffing
Slide 8
Active Sniffing
Slide 9

• Active sniffing techniques:
  1. MAC flooding
  2. ARP Poisoning
  3. DNS Poisoning
  4. DHCP Attacks
  5. Spoofing Attacks
Slide 10

MAC Flooding
Slide 11

Tools for MAC Flooding


Slide 12

Sniffing Tools
• BetterCAP
• Ettercap
• Tcpdump/WinDump
• Omnipeek
• Dsniff
• EtherApe
• MSN Sniffer
• NetWitness NextGen
Slide 13

Linux Sniffing Tools


Slide 14

Linux Sniffing Tools (contd.)


Slide 15

How to protect against Sniffing

• Restrict the physical access to the network media to ensure that a packet sniffer cannot be installed
• Use encryption to protect confidential information
• Permanently add the MAC address of the gateway to the ARP cache
• Use IPv6 instead of the IPv4 protocol
• Use encrypted sessions such as SSH instead of Telnet, Secure Copy (SCP) instead of FTP, SSL for email connections, etc., to protect wireless network users against sniffing attacks
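
One way to check the "permanently add the gateway MAC to the ARP cache" measure on a Linux host, as an added example that is not part of the original slides: it audits the text output of `ip neigh show` against a pinned gateway MAC. The function names, finding labels, addresses and sample tables are constructed for illustration.

```python
# Constructed sample (not captured from a real host): the gateway's entry is
# dynamic and its MAC also answers for a second IP address.
SAMPLE_POISONED = """\
192.168.1.1 dev eth0 lladdr 02:00:00:00:00:66 REACHABLE
192.168.1.66 dev eth0 lladdr 02:00:00:00:00:66 STALE
192.168.1.20 dev eth0 lladdr 02:00:00:00:00:20 REACHABLE
192.168.1.40 dev eth0  FAILED
"""

# Constructed sample of a host where the gateway entry has been pinned, e.g. with
#   ip neigh replace <gateway-ip> lladdr <gateway-mac> dev <iface> nud permanent
SAMPLE_PINNED = """\
192.168.1.1 dev eth0 lladdr 02:00:00:00:00:01 PERMANENT
192.168.1.20 dev eth0 lladdr 02:00:00:00:00:20 REACHABLE
"""


def parse_neigh(text):
    """Return (ip, mac, state) for every entry that carries a link-layer address."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        if "lladdr" not in tok:
            continue  # FAILED / INCOMPLETE entries have no MAC to compare
        entries.append((tok[0], tok[tok.index("lladdr") + 1].lower(), tok[-1]))
    return entries


def audit(text, gateway_ip, pinned_mac):
    """Return a list of (finding, subject, detail) tuples; empty means no findings."""
    findings, ips_by_mac, seen_gateway = [], {}, False
    for ip, mac, state in parse_neigh(text):
        ips_by_mac.setdefault(mac, []).append(ip)
        if ip != gateway_ip:
            continue
        seen_gateway = True
        if mac != pinned_mac.lower():
            findings.append(("gateway-mac-mismatch", ip, mac))
        if state != "PERMANENT":
            findings.append(("gateway-not-static", ip, state))
    if not seen_gateway:
        findings.append(("gateway-missing", gateway_ip, ""))
    # One MAC answering for several IPs is the classic poisoning symptom, but it
    # can be legitimate (multi-homed host, proxy ARP), so treat it as a lead.
    for mac, ips in ips_by_mac.items():
        if len(ips) > 1:
            findings.append(("mac-shared-by-ips", ",".join(sorted(ips)), mac))
    return findings
```

Calling `audit(SAMPLE_POISONED, "192.168.1.1", "02:00:00:00:00:01")` reports the changed gateway MAC, the non-static entry and the shared MAC; the pinned sample returns no findings.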
