How a packet sniffer works
A sniffer is basically a program that eavesdrops on network traffic by intercepting the information travelling over the network. There are two types of network environments in which a sniffer works: shared Ethernet and switched Ethernet.

Shared Ethernet
In a shared Ethernet environment, all the systems are connected to the same bus and are in the same broadcast domain. When a message is to be sent to a machine, it is broadcast over the network and the machine for which the message is intended reads it.
- A machine running a sniffer runs in “promiscuous mode” and can listen to all the traffic on the network. This type of sniffing is extremely difficult to detect.

How a packet sniffer works (contd...)
Switched Ethernet
- In this network formation, the machines are connected to a switch. The switch maintains a MAC table and keeps track of each computer’s MAC address and the physical port on the switch to which that MAC address maps.
- In a switched network, packets are not broadcast but are sent specifically to the machines for which they are intended.
- Even though a switched Ethernet is more secure than a shared one (using a hub), it is not completely secure.
- One can still sniff the traffic using techniques like ARP spoofing, which spoofs the MAC address of the gateway and makes the traffic route through the machine running the sniffer.

How a packet sniffer works (contd...)
Running sniffers at the gateway level
[Diagram: LAN <-> Gateway (running a sniffer) <-> Internet or external network]

How a packet sniffer works (contd...)
Sniffing tools available
- Ethereal (http://www.ethereal.com)
- Tcpdump (default on Linux systems)
- Ettercap (http://ettercap.sourceforge.net)
- Dsniff (http://www.monkey.org/~dugsong/dsniff/)
Programs to detect sniffers
- Anti Sniff (detects if a computer is running in promiscuous mode - http://www.l0pht.com/antisniff/)
- ARP Watch (keeps track of the Ethernet/IP pairings; helps stop ARP spoofing - http://ftp.ee.lbl.gov/arpwatch.tar.Z)
References
http://www.rootshell.be/~dhar/sniffers.html
http://www.networknewz.com/2001/0723.html
Presentation can be downloaded from: http://www.chaitanyasharma.in/sniffer/Sniff.ppt
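The arpwatch-style detection listed above, as an added example that is not part of the presentation or of arpwatch itself: it parses Ethernet/ARP frames, records which MAC claims each IP, and reports when a pairing changes, which is the trace an ARP-spoofing sniffer leaves when it claims the gateway's IP. All MAC and IP addresses and the sample frames are constructed for the demo.

```python
import struct

ETH_HDR = struct.Struct("!6s6sH")           # dst MAC, src MAC, EtherType
ARP_PKT = struct.Struct("!HHBBH6s4s6s4s")   # htype, ptype, hlen, plen, op, sha, spa, tha, tpa
ETHERTYPE_ARP = 0x0806
ARP_REPLY = 2

def mac_bytes(s): return bytes(int(x, 16) for x in s.split(":"))
def ip_bytes(s): return bytes(int(x) for x in s.split("."))
def mac_str(b): return ":".join(f"{x:02x}" for x in b)
def ip_str(b): return ".".join(str(x) for x in b)

def parse_arp(frame):
    """Return (op, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < ETH_HDR.size + ARP_PKT.size:
        return None
    _, _, ethertype = ETH_HDR.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, spa, _, _ = ARP_PKT.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):   # Ethernet/IPv4 ARP only
        return None
    return op, mac_str(sha), ip_str(spa)

class ArpWatcher:
    """Keeps Ethernet/IP pairings the way arpwatch does and reports when one changes."""
    def __init__(self):
        self.table = {}   # IP -> MAC last seen claiming it
    def observe(self, frame):
        parsed = parse_arp(frame)
        if parsed is None:
            return None
        op, mac, ip = parsed
        old = self.table.get(ip)
        self.table[ip] = mac
        if old is not None and old != mac:
            return f"changed ethernet address: {ip} {old} -> {mac} (op {op})"
        return None

def build_arp(sender_mac, sender_ip, target_mac, target_ip, op=ARP_REPLY):
    """Build a constructed Ethernet/ARP frame for offline testing (hypothetical helper)."""
    eth = ETH_HDR.pack(mac_bytes(target_mac), mac_bytes(sender_mac), ETHERTYPE_ARP)
    arp = ARP_PKT.pack(1, 0x0800, 6, 4, op, mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))
    return eth + arp

def demo():
    """Constructed scenario: the gateway answers twice, then a second host claims its IP."""
    w, host, gw = ArpWatcher(), "00:11:22:33:44:55", "aa:bb:cc:00:00:01"
    frames = [build_arp(gw, "192.168.1.1", host, "192.168.1.10"),                    # genuine
              build_arp(gw, "192.168.1.1", host, "192.168.1.10"),                    # no change
              build_arp("de:ad:be:ef:00:01", "192.168.1.1", host, "192.168.1.10")]   # conflict
    return [a for f in frames if (a := w.observe(f))]
```

On a live network the same `observe` would be fed frames from a raw socket on the monitoring interface; the alert text mirrors arpwatch's "changed ethernet address" report.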

Packet Sniffing