Packet Sniffing - By Aarti Dhone
Introduction
Packet Sniffer Definition: A packet sniffer is a wire-tap device that plugs into computer networks and eavesdrops on the network traffic.

What are the components of a packet sniffer?
1. Hardware: standard network adapters.
2. Capture Filter: This is the most important part. It captures the network traffic from the wire, filters it for the particular traffic you want, then stores the data in a buffer.
3. Buffers: used to store the frames captured by the Capture Filter.
4. Real-time analyzer: a module in the packet sniffer program used for traffic analysis and to sift the traffic for intrusion detection.
5. Decoder: "Protocol Analysis".

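The components listed above, wired together as an added example that is not part of the original presentation: a decoder, a capture filter feeding a bounded buffer, and an analyzer that reports services still running in clear text. The frames are constructed in the code instead of being read from an adapter, and the port table, addresses and all function names are assumptions made for the illustration.

```python
import struct
from collections import deque

CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 80: "http"}  # assumption for this example

def build_frame(proto, sport, dport, payload=b""):
    """Constructed sample: untagged Ethernet + IPv4 + TCP (6) or UDP (17)."""
    l4 = struct.pack("!HH", sport, dport)
    if proto == 6:   # seq/ack zeroed, data offset 5 words, window/checksum/urgent zeroed
        l4 += b"\x00" * 8 + b"\x50\x00" + b"\x00" * 6
    else:            # UDP length, checksum left at zero
        l4 += struct.pack("!HH", 8 + len(payload), 0)
    l4 += payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return bytes.fromhex("020000000002020000000001") + b"\x08\x00" + ip + l4

def decode(frame):
    """Decoder: Ethernet -> IPv4 -> TCP/UDP. Returns None for anything else."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
    l4 = 14 + ihl
    if ihl < 20 or proto not in (6, 17) or len(frame) < l4 + (20 if proto == 6 else 8):
        return None  # truncated or unsupported: never index past the frame
    sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
    hdr = (frame[l4 + 12] >> 4) * 4 if proto == 6 else 8
    return {"proto": "tcp" if proto == 6 else "udp", "sport": sport, "dport": dport,
            "payload": frame[l4 + hdr:]}

class Sniffer:
    def __init__(self, capture_filter, buffer_frames):
        self.capture_filter = capture_filter
        self.buffer = deque(maxlen=buffer_frames)  # bounded: oldest entry dropped when full

    def on_frame(self, frame):
        pkt = decode(frame)
        if pkt is not None and self.capture_filter(pkt):
            self.buffer.append(pkt)

def cleartext_services(buffer):
    """Analyzer: unencrypted services seen in the buffer (candidates for TLS/SSH)."""
    return sorted({CLEARTEXT_PORTS[p["dport"]] for p in buffer if p["dport"] in CLEARTEXT_PORTS})

def run(buffer_frames):
    frames = [build_frame(6, 40000, 23, b"login:"), build_frame(17, 40001, 53, b"q"),
              build_frame(6, 40002, 443), build_frame(6, 40003, 80, b"GET /"), b"\x00" * 10]
    sniffer = Sniffer(lambda p: p["proto"] == "tcp", buffer_frames)
    for frame in frames:
        sniffer.on_frame(frame)
    return sniffer
```

With a buffer of two entries the oldest TCP frame is overwritten before the analyzer sees it, which is why buffer sizing matters on a monitoring sensor.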
How does a Sniffer Work?
Sniffers also work differently depending on the type of network they are in.
• Shared Ethernet
• Switched Ethernet

How can I detect a packet sniffer?
• Ping method
• ARP method
• DNS method

Packet Sniffer Mitigation
The following techniques and tools can be used to mitigate sniffers:
• Authentication—Using strong authentication, such as one-time passwords, is a first option for defense against packet sniffers.
• Switched infrastructure—Deploy a switched infrastructure to counter the use of packet sniffers in your environment.
• Antisniffer tools—Use these tools to employ software and hardware designed to detect the use of sniffers on a network.
• Cryptography—The most effective method for countering packet sniffers does not prevent or detect packet sniffers, but rather renders them irrelevant.

Top 11 Packet Sniffers
• Wireshark
• Kismet
• Tcpdump
• Cain and Abel
• Ettercap
• Dsniff
• NetStumbler
• Ntop
• Ngrep
• EtherApe
• KisMAC

What are sniffers used for?
• Detection of clear-text passwords and usernames from the network.
• Conversion of data to human readable format so that people can read the traffic.
• Performance analysis to discover network bottlenecks.
• Network intrusion detection in order to discover hackers.