CSCI 530 Lab - PowerPoint PPT Presentation

About This Presentation
Title:

CSCI 530 Lab

Slides: 9
Provided by: JOSEPHGR2

Transcript and Presenter's Notes

Title: CSCI 530 Lab


1
CSCI 530 Lab
  • Packet Sniffing

2
Scenarios
  • You are a network administrator. You suspect that
    some of the employees are not working and instead
    spending all their time at www.espn.com
  • Could filter at the firewall for this address
  • But you want to see what sites they are
    accessing, without their knowledge
  • You are a hacker. You have compromised a system.
    You are unable to gain access to other systems on
    the network. You want to get some usernames and
    passwords to access these systems.

3
Solution: Packet Sniffer
  • Packet Sniffer
  • A tool that captures, interprets, and stores
    network packets for analysis
  • Works at the Transport layer of the OSI 7 layer
    model (Layer 4), but some can work at Network
    Layer (Layer 3)
  • Normal network traffic is based on the
    destination IP address
  • Your network card will throw away any packets
    that are not intended for that card
  • In Promiscuous Mode, your network card will
    take all the packets on the network, regardless
    of the destination IP address.

4
Packet Sniffer Limitations
  • Sniffers are limited by the network topology
  • Cannot extend beyond normal network boundaries
  • Cannot look past a router, switch, hub, etc.
  • However, if you put a packet sniffer on a network
    backbone, then you will be able to see traffic
    bound between intranets

5
Examples of Packet Sniffers
  • Ethernet Sniffers
      • Wireshark (formerly known as Ethereal)
          • You will be using this tool in the lab
      • DSniff
      • TCPDump
  • Wireless Sniffers
      • AiroPeek
  • Bluetooth Sniffers
      • BlueSweep
      • BlueScanner

6
Defending against Sniffers
  • Change your network topology
      • Part of your lab research: find out which
        topology and/or device is most protective against
        sniffers
  • Encryption
      • SSH
      • IPSec
  • Detect sniffers
      • AntiSniff from the L0pht group
      • Snort
          • Normally for intrusion detection, but will also
            attempt to detect a host working in promiscuous
            mode
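
A local counterpart to the "Detect sniffers" item above, as an added example that is not part of the original slides: it audits the Linux host it runs on for interfaces with the promiscuous flag set, whereas AntiSniff and Snort look at other hosts on the network. The sysfs location `/sys/class/net/<interface>/flags` and the function names are assumptions of this example.

```python
"""Audit local Linux interfaces for promiscuous mode via sysfs (added example)."""
import os

IFF_UP = 0x1         # interface is administratively up (linux/if.h)
IFF_PROMISC = 0x100  # interface receives all frames, not just its own


def is_promiscuous(flags_text):
    """Return True if a sysfs flags value such as '0x1103' has IFF_PROMISC set."""
    return bool(int(flags_text.strip(), 16) & IFF_PROMISC)


def audit_interfaces(sysfs_root="/sys/class/net"):
    """Return {interface: {'up': bool, 'promisc': bool}} for each readable interface."""
    report = {}
    if not os.path.isdir(sysfs_root):
        return report  # not Linux, or sysfs is not mounted
    for name in sorted(os.listdir(sysfs_root)):
        path = os.path.join(sysfs_root, name, "flags")
        try:
            with open(path) as fh:
                flags = int(fh.read().strip(), 16)
        except (OSError, ValueError):
            continue  # not an interface directory, unreadable, or malformed value
        report[name] = {
            "up": bool(flags & IFF_UP),
            "promisc": bool(flags & IFF_PROMISC),
        }
    return report


def promiscuous_interfaces(sysfs_root="/sys/class/net"):
    """Names of interfaces that currently have the promiscuous bit set."""
    return [n for n, s in audit_interfaces(sysfs_root).items() if s["promisc"]]


if __name__ == "__main__":
    for name, state in audit_interfaces().items():
        status = "PROMISCUOUS" if state["promisc"] else "normal"
        print(f"{name}: {status} (up={state['up']})")
```

Run it before and while a capture tool is active on the same machine to see the flag change; an interface reported as promiscuous with no capture you started is worth investigating.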

7
Lab Assignment
  • Handout has been posted
  • DEN Students
  • This lab can be done on a home machine (I advise
    against doing it at work).
  • The DEN lab will be set up next week. You will
    receive an e-mail with your login by next week.
  • Lab assignment is DUE on 9/25/06 by 11:59:59 PM
    FOR DEN STUDENTS ONLY
  • All other students, this lab is to be done during
    next week's (9/18) lab section and is due before
    the following week's (9/25) lab section

8
Lab Assignment Continued
  • Submission guidelines
  • E-mail the answers to the questions at the end of the
    handout by the due date. Attach as a text file,
    .doc, or .pdf
  • Submit to YOUR LAB T.A. ONLY
  • Subject line must say
  • CSCI 530 Lab 3 <section day time>
  • Where <section day time> are replaced with your
    day time
  • Example
  • CSCI 530 Lab 3 Friday 12:30
  • We do not send confirmation e-mails. If you
    request a read receipt or a return receipt, we
    will say yes and you will get a confirmation.