50 likes | 152 Views
IT443 – Network Security Administration Week 2 – Wireshark. Instructor: Alfred J Bird, Ph.D., NBCT abird@cs.umb.edu http:// it443-s14-bird.wikispaces.umb.edu / Door Key: 643478* Office – McCormick 3rd floor 607 (617.287.3827) Office Hours – Tuesday and Thursday, 4:00 pm to 5:15pm.
E N D
IT443 – Network Security AdministrationWeek 2 – Wireshark Instructor: Alfred J Bird, Ph.D., NBCT abird@cs.umb.edu http://it443-s14-bird.wikispaces.umb.edu/ Door Key: 643478* Office – McCormick 3rd floor 607 (617.287.3827) Office Hours – Tuesday and Thursday, 4:00 pm to 5:15pm
Some Postulates about Network Security • You can never prove something perfect, all you can do is fail to prove that it has some faults! Keep looking! • If a lot of smart people have failed to solve the problem, then it probably won’t be solved (soon!) (p41 in the text) • Security people need to remember that most people regard security as a nuisance rather than as needed protection and left to their own devices they often carelessly give up the security that someone worked so hard to provide. (p245 in the text)
Today’s Objectives • Install and set up wireshark in a Ubuntu VM environment • Play with wireshark looking at different protocols
Installing Wireshark • If it does not exist, create a directory c:/ubuntu and give it read/write privileges. • Copy the iso for Ubuntu 12.04 workstation into the directory from my jumpdrive (or download it) • Open VMWare and create a new VM with Ubuntu desktop • Use sysadmin/sysadmin for username/password. • Install wireshark and do updatesmtothe system. • Open a terminal window and execute the command sudosu so you function as root. • Run wireshark in the terminal window.
Playing with Wireshark. • Choose the eth0 interface and start collecting packets • Look at some random packets and see if they make any sense to you. • Open Network Tools and ping www.google.com and look at the packets that go across the wire • Look at an ARP protocol and try to understand it