What is sniffing?
Meaning prior to the sniffing (Sniffing) Iran 'sniff' 'sniff' as it stands. As a proactive means, such as sniffing, hacking techniques on a network other than your own party eavesdropping means of packet switching. Simply saying eavesdropping on network traffic (eavesdropping) that the process can be sniffed. I can sniff a sniffer tool that allows (Sniffer) Sniffer is called the process of installing a telephone in the process of installing eavesdropping devices can be compared.
The TCP / IP protocol for academic purposes since before the Internet started because it is designed protocol was initiated without significant security considerations. Notably for packet encryption, authentication, and data communications because it did not consider the security of the basic elements of the confidentiality, integrity, and could not be guaranteed. In particular, the security of the basic elements of sniffing attack is to undermine confidentiality.
The Internet is literally an extensive network is a public network. When packets are transmitted or received, the packet will pass through multiple intermediate ISP router via the router to access the packet if the two people can be caught easily. Now, the problem is so easily able to obtain many of the contents of the packet is encrypted and will not be.
Of course, xDSL, cable modem, and the average home user to use these packets is not just that you can see very easily. To do this, the packets passing the network to push the middle path. The process of installing telephone wire is easier to understand if reminded. Who want to tap directly on the phone how to install listening devices, and how to install a wire to the relay circuit will have.
Difference between the two that you want to tap directly on the phone if you install the contents of the phone is able to intercept that, if installed in the trunk that is connected through the trunk of all phones are able to intercept the content would be that the same is the case for sniffing .
Typical scenario is as follows.
(1) the actual attack through a variety of attacks on the target system with administrator privileges to install earned sniffing and sniffing tool
(2) of target companies get access to other hosts take them by host sniffing
(3) ISP equipment obtained for the system privileges to install sniffing out sniffing tools
Through these techniques, and then sniff sniff FTP access by user ID and password is earned screen. In this case, Ethereal on the server simply by using a tool called hackme peace! Use passwords that users have found that there is.
Of course, sniffing only be used for such attacks are not. Used for network traffic analysis and troubleshooting, and addition takes place on a network intrusion detection system to detect attacks, can be used. In this article, sniffing attacks as I'd like to talk.
Examples of practical sniffing attacks
(1) hub environment sniffing
Hub (Hub) by default for incoming packets to all ports except the port it came in a packet for sending a packet repeater (Repeater) equipment. In fact, your company is using a hub and the hub connected to your system if you wanted you did not want to continue across the other person's will was to receive packets.
Of course, network drivers, OS kernels, such as seen at the level of MAC addresses other than their own packets being discarded because it would not be felt easily. But you have in your system to behave as if the NIC in promiscuous mode packet of others can also subscribe without giving up. Now the packet sniffing tools, store and analyze through is simply a matter of
The following drawings will be described in detail. Actually received all the packets are not subject to pass on to the host and other hosts that act as Promiscuous mode, receive packets of the target can also be seen.
(2) switch environments sniffing
By default, the Layer 2 header jeongboin switch MAC address using the information packet sent to any destination determines. Thus, unlike in a hub environment, the actual incoming packet is sent only to the target destination, however, even if the interface were set to Promiscuous mode, you can not steal its contents.
So ... unfortunately in this case does not really safe. As such switches are used in switching environments, sniffing techniques are publicly available. Some of these attacks will introduce in the next manuscript.
No comments:
Post a Comment