SlideShare uma empresa Scribd logo

Ethical Hacking - sniffing

Transferir como PPTX, PDF
Bhavya Chawla
Bhavya Chawla

Network Security - Sniffing

Educação
1 de 11
BHARTI VIDYAPEETH DEEMED UNIVERSITY COLLEGE OF ENGINEERING, PUNE Dept. of Computer Engineering SUBMITTED BY : NAME:BHAVYA CHAWLA ROLL NO:11 PRN:1614110153 CLASS:BTECH SEM-IV COMPUTER-1 UNDER THE GUIDANCE OF: Network Security Faculty PRESENTATION ON TOPIC: Ethical Hacking - Sniffing
Sniffing  Introduction of Sniffing  Types of Sniffing  Sniffing Protocols  Sniffing Tools  Countermeasures
Introduction: Packet sniffing allows individuals to capture data as it is transmitted over a network. This technique is used by network professionals to diagnose network issues, and by malicious users to capture unencrypted data, like passwords and usernames. If this information is captured in transit, a user can gain access to a system or network. A sniffer can be a packet-capturing or frame-capturing tool. It intercepts traffic on the network and displays it in either a command-line or GUI format for a hacker to view. Some sophisticated sniffers interpret the packets and can reassemble the packet stream into the original data, such as an e-mail or a document. Sniffers are used to capture traffic sent between two systems. Depending on how the sniffer is used and the security measures in place, a hacker can use a sniffer to discover usernames, passwords, and other confidential information transmitted on the network. Several hacking attacks and various hacking tools require the use of a sniffer to obtain important information sent from the target system.
Types of Sniffing:  Passive Sniffing Passive sniffing involves listening and capturing traffic, and is useful in a network connected by hubs. In networks that use hubs or wireless media to connect systems, all hosts on the network can see all traffic; therefore a passive packet sniffer can capture traffic going to and from all hosts connected via the hub.  Active Sniffing Active sniffing involves launching an Address Resolution Protocol (ARP) spoofing or traffic-flooding attack against a switch in order to capture traffic. A switched network operates differently. The switch looks at the data sent to it and tries to forward packets to their intended recipients based on MAC address. The switch maintains a MAC table of all the systems and the port numbers to which they’re connected. This enables the switch to segment the network traffic and send traffic only to the correct destination MAC addresses. 5
Protocols for Sniffing: A sniffer can be a packet-capturing or frame-capturing tool. It intercepts traffic on the network and displays it in either a command-line or GUI format for a hacker to view. Some sophisticated sniffers interpret the packets and can reassemble the packet stream into the original data, such as an e-mail or a document. Sniffers are used to capture traffic sent between two systems. Depending on how the sniffer is used and the security measures in place, a hacker can use a sniffer to discover usernames, passwords, and other confidential information transmitted on the network.
3.1 DNS Spoofing: When a user requests a certain website URL, the address is looked up on a DNS server to find the corresponding IP address. If the DNS server has been compromised, the user is redirected to a website other than the one that was requested, such as a fake website. To perform a DNS attack, the attacker exploits a flaw in the DNS server software that can make it accept incorrect information. If the server doesn’t correctly validate DNS responses to ensure that they come from an authoritative source, the server ends up caching the incorrect entries locally and serving them to users that make subsequent requests. This technique can be used to replace arbitrary content for a set of victims with content of an attacker’s choosing. For example, an attacker poisons the IP addresses DNS entries for a target website on a given DNS server, replacing them with the IP address of a server the hacker controls. The hacker then creates fake entries for files on this server with names matching those on the target server. These files may contain malicious content, such as a worm or a virus. A user whose computer has referenced the poisoned DNS server is tricked into thinking the content comes from the target server and unknowingly downloads malicious content.
3.2 ARP Poisoning: ARP (Address Resolution Protocol) allows the network to translate IP addresses into MAC addresses. When one host using TCP/IP on a LAN tries to contact another, it needs the MAC address or hardware address of the host it’s trying to reach. It first looks in its ARP cache to see if it already has the MAC address; if it doesn’t, it broadcasts an ARP request asking, “Who has the IP address I’m looking for?” If the host that has that IP address hears the ARP query, it responds with its own MAC address, and a conversation can begin using TCP/IP. ARP poisoning is a technique that’s used to attack an Ethernet network and that may let an attacker sniff data frames on a switched LAN or stop the traffic altogether. ARP poisoning utilizes ARP spoofing where the purpose is to send fake, or spoofed, ARP messages to an Ethernet LAN. 3.3 MAC Flooding: A packet sniffer on a switched network can’t capture all traffic as it can on a hub network; instead, it captures either traffic coming from or traffic going to the system. It’s necessary to use an additional tool to capture all traffic on a switched network. There are essentially two ways to perform active sniffing and make the switch send traffic to the system running the sniffer: ARP spoofing and flooding. As mentioned earlier, ARP spoofing involves taking on the MAC address of the network gateway and consequently receiving all traffic intended for the gateway on the sniffer system.
Sniffing Tools: i. Ethereal is a freeware sniffer that can capture packets from a wired or wireless LAN connection. The latest version has been renamed WireShark. Ethereal is a common and popular program because it is free but has some drawbacks. An untrained user may find it difficult to write filters in Ethereal to capture only certain types of traffic. ii. Snort is an intrusion detection system (IDS) that also has sniffer capabilities. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, Server Message Block (SMB) probes, and OS fingerprinting attempts. iii. WinDump is the Windows version of tcpdump, the command-line network analyzer for Unix. WinDump is fully compatible with tcpdump and can be used to watch, diagnose, and save to disk network traffic according to various rules.
Sniffing Countermeasures: The best security defense against a sniffer on the network is encryption. Although encryption won’t prevent sniffing, it renders any data captured during the sniffing attack useless because hacker can’t interpret the information. Encryption such as AES and RC4 or RC5 can be utilized in VPN technologies and is a common method to prevent sniffing on a network. i. netINTERCEPTOR is a spam and virus firewall. It has advanced filtering options and can learn and adapt as it identifies new spam. It also intercepts and quarantines the latest e-mail viruses and Trojans, preventing a Trojan from being installed and possibly installing a sniffer. ii. Sniffdet is a set of tests for remote sniffer detection in TCP/IP network environments. Sniffdet implements various tests for the detection of machines running in promiscuous mode or with a sniffer. iii. WinTCPKill is a TCP connection termination tool for Windows. The tool requires the ability to use a sniffer to sniff incoming and outgoing traffic of the target. In a switched network, WinTCPKill can use an ARP cache-poisoning tool that performs ARP spoofing.
Conclusion: • It is used to represent multiple data items of same type by using only single name. • It can be used to implement other data structures like linked lists, stacks, queues, trees, graphs etc. • 2D arrays are used to represent matrices. • Array is static structure. It means that array is of fixed size. The memory which is allocated to array can not be increased or reduced. • Since array is of fixed size, if we allocate more memory than requirement then the memory space will be wasted. And if we allocate less memory than requirement, then it will create problem. • Insertions and deletions are very difficult and time consuming.

Recomendados

Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissanceNishaYadav177
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffersKunal Thakur
 
System hacking
System hackingSystem hacking
System hackingCAS
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffersleminhvuong
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 

Recomendados

Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissanceNishaYadav177
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffersKunal Thakur
 
System hacking
System hackingSystem hacking
System hackingCAS
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffersleminhvuong
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Denial of service
Denial of serviceDenial of service
Denial of servicegarishma bhatia
 
Packet sniffing
Packet sniffingPacket sniffing
Packet sniffingShyama Bhuvanendran
 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
 
Web application vulnerabilities
Web application vulnerabilitiesWeb application vulnerabilities
Web application vulnerabilitiesebusinessmantra
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
Session Hijacking
Session HijackingSession Hijacking
Session Hijackingn|u - The Open Security Community
 
Security Attacks.ppt
Security Attacks.pptSecurity Attacks.ppt
Security Attacks.pptZaheer720515
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Network security
Network securityNetwork security
Network securityquest university nawabshah
 
Spoofing
SpoofingSpoofing
SpoofingGreater Noida Institute Of Technology
 
Network Security
Network SecurityNetwork Security
Network SecurityManoj Singh
 
Network attacks
Network attacksNetwork attacks
Network attacksManjushree Mashal
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logsanilinvns
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and FirewallShafeeqaFarsana
 
Aircrack
AircrackAircrack
AircrackMuhammadHanzalah6
 
Wireless Penetration Testing
Wireless Penetration TestingWireless Penetration Testing
Wireless Penetration TestingMohammed Adam
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKSShaurya Gogia
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGEr Vivek Rana
 
Unit 3:Enterprise Security
Unit 3:Enterprise SecurityUnit 3:Enterprise Security
Unit 3:Enterprise Securityprachi67
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laShainaBoling829
 

Mais conteúdo relacionado

Mais procurados

Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
 
Web application vulnerabilities
Web application vulnerabilitiesWeb application vulnerabilities
Web application vulnerabilitiesebusinessmantra
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
Security Attacks.ppt
Security Attacks.pptSecurity Attacks.ppt
Security Attacks.pptZaheer720515
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Network Security
Network SecurityNetwork Security
Network SecurityManoj Singh
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logsanilinvns
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and FirewallShafeeqaFarsana
 
Wireless Penetration Testing
Wireless Penetration TestingWireless Penetration Testing
Wireless Penetration TestingMohammed Adam
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGEr Vivek Rana
 

Mais procurados (20)

Denial of service
Denial of serviceDenial of service
Denial of service
 
Packet sniffing
Packet sniffingPacket sniffing
Packet sniffing
 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing
 
Web application vulnerabilities
Web application vulnerabilitiesWeb application vulnerabilities
Web application vulnerabilities
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
 
Session Hijacking
Session HijackingSession Hijacking
Session Hijacking
 
Security Attacks.ppt
Security Attacks.pptSecurity Attacks.ppt
Security Attacks.ppt
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Network security
Network securityNetwork security
Network security
 
Spoofing
SpoofingSpoofing
Spoofing
 
Network Security
Network SecurityNetwork Security
Network Security
 
Network attacks
Network attacksNetwork attacks
Network attacks
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logs
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and Firewall
 
Aircrack
AircrackAircrack
Aircrack
 
Wireless Penetration Testing
Wireless Penetration TestingWireless Penetration Testing
Wireless Penetration Testing
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTING
 

Semelhante a Ethical Hacking - sniffing

Unit 3:Enterprise Security
Unit 3:Enterprise SecurityUnit 3:Enterprise Security
Unit 3:Enterprise Securityprachi67
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laShainaBoling829
 
Cyber security tutorial1
Cyber security tutorial1Cyber security tutorial1
Cyber security tutorial1sweta dargad
 
OSTU - Chris Sanders on Wireshark
OSTU - Chris Sanders on WiresharkOSTU - Chris Sanders on Wireshark
OSTU - Chris Sanders on WiresharkDenny K
 
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LAN
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LANAvoiding Man in the Middle Attack Based on ARP Spoofing in the LAN
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LANEditor IJCATR
 
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdfA Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdfJessica Thompson
 
Cyber_Threat_Intelligent_Cyber_Operation_Contest
Cyber_Threat_Intelligent_Cyber_Operation_ContestCyber_Threat_Intelligent_Cyber_Operation_Contest
Cyber_Threat_Intelligent_Cyber_Operation_Contestnkrafacyberclub
 
WT - Firewall & Proxy Server
WT - Firewall & Proxy ServerWT - Firewall & Proxy Server
WT - Firewall & Proxy Servervinay arora
 
Chapter 12
Chapter 12Chapter 12
Chapter 12cclay3
 
Packet sniffing in LAN
Packet sniffing in LANPacket sniffing in LAN
Packet sniffing in LANArpit Suthar
 
Procuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkProcuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkIOSR Journals
 
Nmap & Network sniffing
Nmap & Network sniffingNmap & Network sniffing
Nmap & Network sniffingMukul Sahu
 
Address Resolution Protocol (ARP) Spoofing Attack And Proposed Defense
Address Resolution Protocol (ARP) Spoofing Attack And Proposed DefenseAddress Resolution Protocol (ARP) Spoofing Attack And Proposed Defense
Address Resolution Protocol (ARP) Spoofing Attack And Proposed DefenseJoe Andelija
 
An Approach to Detect Packets Using Packet Sniffing
An Approach to Detect Packets Using Packet SniffingAn Approach to Detect Packets Using Packet Sniffing
An Approach to Detect Packets Using Packet Sniffingijcses
 
Analysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkAnalysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkIJARIIT
 

Semelhante a Ethical Hacking - sniffing (20)

Unit 3:Enterprise Security
Unit 3:Enterprise SecurityUnit 3:Enterprise Security
Unit 3:Enterprise Security
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and la
 
Packet capturing
Packet capturingPacket capturing
Packet capturing
 
Wiretapping
WiretappingWiretapping
Wiretapping
 
Cyber security tutorial1
Cyber security tutorial1Cyber security tutorial1
Cyber security tutorial1
 
OSTU - Chris Sanders on Wireshark
OSTU - Chris Sanders on WiresharkOSTU - Chris Sanders on Wireshark
OSTU - Chris Sanders on Wireshark
 
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LAN
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LANAvoiding Man in the Middle Attack Based on ARP Spoofing in the LAN
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LAN
 
INTERNATIONAL INDEXED REFEREED RESEARCH PAPER
INTERNATIONAL INDEXED REFEREED RESEARCH PAPERINTERNATIONAL INDEXED REFEREED RESEARCH PAPER
INTERNATIONAL INDEXED REFEREED RESEARCH PAPER
 
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdfA Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
 
Cyber_Threat_Intelligent_Cyber_Operation_Contest
Cyber_Threat_Intelligent_Cyber_Operation_ContestCyber_Threat_Intelligent_Cyber_Operation_Contest
Cyber_Threat_Intelligent_Cyber_Operation_Contest
 
WT - Firewall & Proxy Server
WT - Firewall & Proxy ServerWT - Firewall & Proxy Server
WT - Firewall & Proxy Server
 
Chapter 12
Chapter 12Chapter 12
Chapter 12
 
Packet sniffing in LAN
Packet sniffing in LANPacket sniffing in LAN
Packet sniffing in LAN
 
Procuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkProcuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the Network
 
Nmap & Network sniffing
Nmap & Network sniffingNmap & Network sniffing
Nmap & Network sniffing
 
Address Resolution Protocol (ARP) Spoofing Attack And Proposed Defense
Address Resolution Protocol (ARP) Spoofing Attack And Proposed DefenseAddress Resolution Protocol (ARP) Spoofing Attack And Proposed Defense
Address Resolution Protocol (ARP) Spoofing Attack And Proposed Defense
 
Ceh v5 module 07 sniffers
Ceh v5 module 07 sniffersCeh v5 module 07 sniffers
Ceh v5 module 07 sniffers
 
Firewall
FirewallFirewall
Firewall
 
An Approach to Detect Packets Using Packet Sniffing
An Approach to Detect Packets Using Packet SniffingAn Approach to Detect Packets Using Packet Sniffing
An Approach to Detect Packets Using Packet Sniffing
 
Analysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkAnalysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wireshark
 

Mais de Bhavya Chawla

Version Control System - for Agile Software Project Management.
Version Control System - for Agile Software Project Management.Version Control System - for Agile Software Project Management.
Version Control System - for Agile Software Project Management.Bhavya Chawla
 
computer graphics-C/C++-dancingdollcode
computer graphics-C/C++-dancingdollcodecomputer graphics-C/C++-dancingdollcode
computer graphics-C/C++-dancingdollcodeBhavya Chawla
 
Natural Language Processing
Natural Language ProcessingNatural Language Processing
Natural Language ProcessingBhavya Chawla
 
Employee Management System
Employee Management SystemEmployee Management System
Employee Management SystemBhavya Chawla
 
evolution of computers
evolution of computers evolution of computers
evolution of computersBhavya Chawla
 
the generation of computers
the generation of computersthe generation of computers
the generation of computersBhavya Chawla
 

Mais de Bhavya Chawla (7)

Version Control System - for Agile Software Project Management.
Version Control System - for Agile Software Project Management.Version Control System - for Agile Software Project Management.
Version Control System - for Agile Software Project Management.
 
computer graphics-C/C++-dancingdollcode
computer graphics-C/C++-dancingdollcodecomputer graphics-C/C++-dancingdollcode
computer graphics-C/C++-dancingdollcode
 
Natural Language Processing
Natural Language ProcessingNatural Language Processing
Natural Language Processing
 
Employee Management System
Employee Management SystemEmployee Management System
Employee Management System
 
Sql introduction
Sql introductionSql introduction
Sql introduction
 
evolution of computers
evolution of computers evolution of computers
evolution of computers
 
the generation of computers
the generation of computersthe generation of computers
the generation of computers
 

Último

Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Shubhangi Sonawane
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterMateoGardella
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...KokoStevan
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesCeline George
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 

Último (20)

Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 

Ethical Hacking - sniffing

  • 1. BHARTI VIDYAPEETH DEEMED UNIVERSITY COLLEGE OF ENGINEERING, PUNE Dept. of Computer Engineering SUBMITTED BY : NAME:BHAVYA CHAWLA ROLL NO:11 PRN:1614110153 CLASS:BTECH SEM-IV COMPUTER-1 UNDER THE GUIDANCE OF: Network Security Faculty PRESENTATION ON TOPIC: Ethical Hacking - Sniffing
  • 2. Sniffing  Introduction of Sniffing  Types of Sniffing  Sniffing Protocols  Sniffing Tools  Countermeasures
  • 3. Introduction: Packet sniffing allows individuals to capture data as it is transmitted over a network. This technique is used by network professionals to diagnose network issues, and by malicious users to capture unencrypted data, like passwords and usernames. If this information is captured in transit, a user can gain access to a system or network. A sniffer can be a packet-capturing or frame-capturing tool. It intercepts traffic on the network and displays it in either a command-line or GUI format for a hacker to view. Some sophisticated sniffers interpret the packets and can reassemble the packet stream into the original data, such as an e-mail or a document. Sniffers are used to capture traffic sent between two systems. Depending on how the sniffer is used and the security measures in place, a hacker can use a sniffer to discover usernames, passwords, and other confidential information transmitted on the network. Several hacking attacks and various hacking tools require the use of a sniffer to obtain important information sent from the target system.
  • 4.
  • 5. Types of Sniffing:  Passive Sniffing Passive sniffing involves listening and capturing traffic, and is useful in a network connected by hubs. In networks that use hubs or wireless media to connect systems, all hosts on the network can see all traffic; therefore a passive packet sniffer can capture traffic going to and from all hosts connected via the hub.  Active Sniffing Active sniffing involves launching an Address Resolution Protocol (ARP) spoofing or traffic-flooding attack against a switch in order to capture traffic. A switched network operates differently. The switch looks at the data sent to it and tries to forward packets to their intended recipients based on MAC address. The switch maintains a MAC table of all the systems and the port numbers to which they’re connected. This enables the switch to segment the network traffic and send traffic only to the correct destination MAC addresses. 5
  • 6. Protocols for Sniffing: A sniffer can be a packet-capturing or frame-capturing tool. It intercepts traffic on the network and displays it in either a command-line or GUI format for a hacker to view. Some sophisticated sniffers interpret the packets and can reassemble the packet stream into the original data, such as an e-mail or a document. Sniffers are used to capture traffic sent between two systems. Depending on how the sniffer is used and the security measures in place, a hacker can use a sniffer to discover usernames, passwords, and other confidential information transmitted on the network.
  • 7. 3.1 DNS Spoofing: When a user requests a certain website URL, the address is looked up on a DNS server to find the corresponding IP address. If the DNS server has been compromised, the user is redirected to a website other than the one that was requested, such as a fake website. To perform a DNS attack, the attacker exploits a flaw in the DNS server software that can make it accept incorrect information. If the server doesn’t correctly validate DNS responses to ensure that they come from an authoritative source, the server ends up caching the incorrect entries locally and serving them to users that make subsequent requests. This technique can be used to replace arbitrary content for a set of victims with content of an attacker’s choosing. For example, an attacker poisons the IP addresses DNS entries for a target website on a given DNS server, replacing them with the IP address of a server the hacker controls. The hacker then creates fake entries for files on this server with names matching those on the target server. These files may contain malicious content, such as a worm or a virus. A user whose computer has referenced the poisoned DNS server is tricked into thinking the content comes from the target server and unknowingly downloads malicious content.
  • 8. 3.2 ARP Poisoning: ARP (Address Resolution Protocol) allows the network to translate IP addresses into MAC addresses. When one host using TCP/IP on a LAN tries to contact another, it needs the MAC address or hardware address of the host it’s trying to reach. It first looks in its ARP cache to see if it already has the MAC address; if it doesn’t, it broadcasts an ARP request asking, “Who has the IP address I’m looking for?” If the host that has that IP address hears the ARP query, it responds with its own MAC address, and a conversation can begin using TCP/IP. ARP poisoning is a technique that’s used to attack an Ethernet network and that may let an attacker sniff data frames on a switched LAN or stop the traffic altogether. ARP poisoning utilizes ARP spoofing where the purpose is to send fake, or spoofed, ARP messages to an Ethernet LAN. 3.3 MAC Flooding: A packet sniffer on a switched network can’t capture all traffic as it can on a hub network; instead, it captures either traffic coming from or traffic going to the system. It’s necessary to use an additional tool to capture all traffic on a switched network. There are essentially two ways to perform active sniffing and make the switch send traffic to the system running the sniffer: ARP spoofing and flooding. As mentioned earlier, ARP spoofing involves taking on the MAC address of the network gateway and consequently receiving all traffic intended for the gateway on the sniffer system.
  • 9. Sniffing Tools: i. Ethereal is a freeware sniffer that can capture packets from a wired or wireless LAN connection. The latest version has been renamed WireShark. Ethereal is a common and popular program because it is free but has some drawbacks. An untrained user may find it difficult to write filters in Ethereal to capture only certain types of traffic. ii. Snort is an intrusion detection system (IDS) that also has sniffer capabilities. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, Server Message Block (SMB) probes, and OS fingerprinting attempts. iii. WinDump is the Windows version of tcpdump, the command-line network analyzer for Unix. WinDump is fully compatible with tcpdump and can be used to watch, diagnose, and save to disk network traffic according to various rules.
  • 10. Sniffing Countermeasures: The best security defense against a sniffer on the network is encryption. Although encryption won’t prevent sniffing, it renders any data captured during the sniffing attack useless because hacker can’t interpret the information. Encryption such as AES and RC4 or RC5 can be utilized in VPN technologies and is a common method to prevent sniffing on a network. i. netINTERCEPTOR is a spam and virus firewall. It has advanced filtering options and can learn and adapt as it identifies new spam. It also intercepts and quarantines the latest e-mail viruses and Trojans, preventing a Trojan from being installed and possibly installing a sniffer. ii. Sniffdet is a set of tests for remote sniffer detection in TCP/IP network environments. Sniffdet implements various tests for the detection of machines running in promiscuous mode or with a sniffer. iii. WinTCPKill is a TCP connection termination tool for Windows. The tool requires the ability to use a sniffer to sniff incoming and outgoing traffic of the target. In a switched network, WinTCPKill can use an ARP cache-poisoning tool that performs ARP spoofing.
  • 11. Conclusion: • It is used to represent multiple data items of same type by using only single name. • It can be used to implement other data structures like linked lists, stacks, queues, trees, graphs etc. • 2D arrays are used to represent matrices. • Array is static structure. It means that array is of fixed size. The memory which is allocated to array can not be increased or reduced. • Since array is of fixed size, if we allocate more memory than requirement then the memory space will be wasted. And if we allocate less memory than requirement, then it will create problem. • Insertions and deletions are very difficult and time consuming.