Upload File

lab 1: packet sniffing and wireshark€¦ ·  · 2018-01-15• packet sniffer is a basic tool for...

  • Home
  • Documents
  • Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),
14
Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber Security Practice 1

Upload: donga

Post on 29-May-2018

234 views

Category:

Documents


2 download

Report

TRANSCRIPT

Page 1: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

Lab1:PacketSniffingandWireshark

FengweiZhang

WayneStateUniversity Course:CyberSecurityPractice 1

Page 2: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

PacketSniffer•  Packetsnifferisabasictoolforobservingnetworkpacketexchangesinacomputer

•  Capturing(“sniffs”)packetsbeingsent/receivedfrom/byyourcomputer

•  Apacketsnifferitselfispassive

•  Displayingthecontentsofthevariousprotocolfieldsinthesecapturedpackets,butneversendingpacketsitself

WayneStateUniversity Course:CyberSecurityPractice 2

Page 3: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

PacketSnifferStructure

WayneStateUniversity Course:CyberSecurityPractice 3

Page 4: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

PacketSniffer(cont’d)•  Applications(webbrowsers,FTPclients,emailclients)

•  Networkprotocols(Internetprotocol)

•  Packetcapture–  Thepacketcapturelibraryreceivesacopyofeverylink-layerframe

thatissentfromorreceivedbyyourcomputer

•  PacketAnalyzer–  Displayingthecontentsofallfieldswithinaprotocolmessage–  Understandingthestructureofallmessagesexchangedbyprotocols–  IP,TCP,HTTPheaders

•  Wireshark,TCPDump

WayneStateUniversity Course:CyberSecurityPractice 4

Page 5: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

TCP/IPNetworkStack•  TCP/IPisthemostcommonlyusednetworkmodelfor

Internetservices.

•  Becauseitsmostimportantprotocols,theTransmissionControlProtocol(TCP)andtheInternetProtocol(IP)werethefirstnetworkingprotocolsdefinedinthisstandard,itisnamedasTCP/IP.

•  Itcontainsmultiplelayersincluding:–  Applicationlayer–  Transportlayer–  Networklayer–  Datalinklayer

WayneStateUniversity Course:CyberSecurityPractice 5

Page 6: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

AnExampleLayeredApproach

WayneStateUniversity Course:CyberSecurityPractice 6

Page 7: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

NetworkLayers

WayneStateUniversity Course:CyberSecurityPractice 7

Page 8: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

ApplicationLayer

•  Theapplicationlayerincludestheprotocolsusedbymostapplicationsforprovidinguserservices

•  ExamplesofapplicationlayerprotocolsareHypertextTransferProtocol(HTTP),SecureShell(SSH),FileTransferProtocol(FTP),andSimpleMailTransferProtocol(SMTP)

WayneStateUniversity Course:CyberSecurityPractice 8

Page 9: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

TransportLayer•  Thetransportlayerestablishesprocess-to-process

connectivity,anditprovidesend-to-endservicesthatareindependentofunderlyinguserdata.

•  Toimplementtheprocess-to-processcommunication,theprotocolintroducesaconceptofport.TheexamplesoftransportlayerprotocolsareTransportControlProtocol(TCP)andUserDatagramProtocol(UDP).

•  TheTCPprovidesflowcontrol,connectionestablishment,andreliabletransmissionofdata,whiletheUDPisaconnectionlesstransmissionmodel.

WayneStateUniversity Course:CyberSecurityPractice 9

Page 10: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

InternetLayer•  TheInternetlayerisresponsibleforsendingpacketstoacrossnetworks.

•  Ithastwofunctions:1)HostidentificationbyusingIPaddressingsystem(IPv4andIPv6);and2)packetsroutingfromsourcetodestination.

•  TheexamplesofInternetlayerprotocolsareInternetProtocol(IP),InternetControlMessageProtocol(ICMP),andAddressResolutionProtocol(ARP).

WayneStateUniversity Course:CyberSecurityPractice 10

Page 11: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

LinkLayer

•  Thelinklayerdefinesthenetworkingmethodswithinthescopeofthelocalnetworklink.

•  Itisusedtomovethepacketsbetweentwohostsonthesamelink.AncommonexampleoflinklayerprotocolsisEthernet.

WayneStateUniversity Course:CyberSecurityPractice 11

Page 12: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

DataEncapsulationinNetworkStack

WayneStateUniversity Course:CyberSecurityPractice 12

Page 13: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

Lab0

•  MakesureyoucanloginasCSC4992studentonZeroClient– UsingyourWSUaccessIDandpassword– ProvidingVMimagesforlabexperiments

WayneStateUniversity Course:CyberSecurityPractice 13

Page 14: Lab 1: Packet Sniffing and Wireshark€¦ ·  · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),

Lab0(cont’d)•  Subscribecoursemailing-list–  [email protected]–  ListHomepage(webinterfaceforsubscriberstojoin/leavelist,postmessages,viewarchives):http://lists.wayne.edu

•  Sendanemailtothelisttointroduceyourselfbynextclass

•  Sendazippedtest.txtfileonBackboardbythisweek

WayneStateUniversity Course:CyberSecurityPractice 14


Bluetooth sniffing is for free now! - MUlliNER.ORG · Bluetooth sniffing is for free now! by: iamabanana. TOC ... Sniffer needs to timeout if no traffic is seen in ... e.g. only sniff

Introduction to Packet Sniffing using Ethereal 0.10.9

Sniffing (network wiretap, sniffer) FAQ 0. Information about this FAQ

Packet sniffer in Python - Universidad Veracruzana...Packet sniffer in Python A simple packet sniffer in Python can be created with the help socket module. We can use the raw socket

Lab 1 - Packet Sniffing and Spoofing

SmartRF™ Packet Sniffer User Manual..edge.rit.edu/edge/P11207/public/SmartRFPacketSnifferUserManual.pdf · 2.2 PACKET SNIFFER WINDOW OF AN ACTIVE SESSION ... can be used to define

5557.SmartRF Packet Sniffer User Manual.pdf

Sniffing. Sniffer Un packet sniffer è un dispositivo di intercettazione che si connette a reti di computer ed "origlia" sul traffico di rete. Un programma

Packet Sniffing in Switched Environment

Packet Sniffers · while others work in switched networks. The sniffing methods are: IP-based sniffing, MAC-based sniffing, and ARP-based sniffing. 5.1.1 IP-based sniffing This is

Packet or Network Sniffing

Lab 1: Packet Sniffing and Wireshark - GitHub Pages · 2020-02-12 · Lab 1: Packet Sniffing and Wireshark Introduction The first part of the lab introduces packet sniffer, Wireshark

SmartRF™ Packet Sniffer User’s Manual - TI

Packet sniffing & ARP Poisoning

Prensentation on packet sniffer and injection tool

Packet sniffing in switched LANs

Packet sniffing' guide

Network “sniffing ”— packet capture and analysis

Packet Sniffer Code in C Using Linux Sockets

SmartRF™ Packet Sniffer User’s Manual Packet Sniffer User’s Manual SWRU187G SWRU187G 2/29 Table of contents 1 INTRODUCTION.....3 ... Figure 1: Dataflow for the packet sniffer

CNET124 Lab 4 Packet Sniffing

A Packet Sniffer (PSniffer) Application for Network Security in Java

PACKET SNIFFING Dr. Andy Wu BCIS 4630 Fundamentals of IT Security

PACKET SNIFFING - QSecureqsecure.com.cy/white_papers/Packet_Sniffing_Part1.pdfPage 4 Introduction Passive Sniffing •Performed through a hub (broadcasts all traffic) •Performed

Packet Sniffing

Packet Sniffer for the Physical Layer of the Single Wire ...€¦ · Packet Sniffer for the Physical Layer of the Single Wire Protocol Michael Roland, Christian Saminger, Josef Langer

Packet Sniffing and Spoofing Lab -Final

CS4231 Local Area Networks HW1 – IP Packet Sniffer

SmartRF™ Packet Sniffer User Manual - TI E2E …e2e.ti.com/.../3426.SmartRF-Packet-Sniffer-User-Manual.pdfSmartRF Packet Sniffer User Manual SWRU187E SWRU187E Table of contents 1

Sniffing (Network Wiretap, Sniffer) FAQ

Packet sniffing in LAN

Lecture 23: Port and Vulnerability Scanning, Packet Sniffing

Packet sniffer repot

Network “sniffing ”— packet capture and analysiscsci530l/slides/lab-sniffing-color.pdf · Network “sniffing ”— packet capture and analysis October 4, 2018 Administrative

Packet Sniffing with Ethereal and Tcpdump