SlideShare ist ein Scribd-Unternehmen logo

Virtual Labs SniffingConsider what you have learned so far

Als DOCX, PDF herunterladen
A
AlleneMcclendon878

Virtual Labs: Sniffing Consider what you have learned so far about Sniffing as you review the objectives and scenario below.  Complete the lab that follows on EC-Council's website using the link below. Objective Sniffing is performed to collect basic information from the target and its network. It helps to find vulnerabilities and select exploits for an attack. It determines the network, system, and organizational information. The objective of this lab is to make students learn to sniff a network and analyze packets for any attacks on the network. The primary objectives of this lab are to: Sniff the network Analyze incoming and outgoing packets Troubleshoot the network for performance Secure the network from attacks Scenario “Sniffing” is the process of monitoring and capturing data packets passing through a given network using software or hardware devices. There are two types of sniffing: passive and active. Passive sniffing refers to sniffing on a hub-based network; active sniffing refers to sniffing on a switch-based network. Although passive sniffing was predominant in earlier days, proper network-securing architecture has been implemented (switch-based network) to mitigate this kind of attack. However, it contains a few loopholes in switch-based network implementation that can open doors for an attacker to sniff network traffic. Attackers hack the network using sniffers, where he/she mainly targets the protocols vulnerable to sniffing. Some of the protocols vulnerable to sniffing include HTTP, FTP, SMTP, POP, and so on. The sniffed traffic comprises FTP and Telnet passwords, chat sessions, email and web traffic, DNS traffic, and so on. Once attackers obtain such sensitive information, they might attempt to impersonate target user sessions. Thus, it is essential to assess the security of the network’s infrastructure, find the loopholes in it and patch them up to ensure a secure network environment. So, as an ethical hacker/penetration tester, your duties include: Implementing network auditing tools such as Wireshark, and Cain & Abel, etc. in an attempt to find loopholes in the network. Using security tools such as PromqryUI to detect attacks on the network, and so on. The lab this week will provide you with real-time experience in sniffing. Week 6 Lab Assignment 1: Sniffing Passwords Using Auditing Tools Lab Task: The objective of this lab is to demonstrate sniffing to capture traffic from multiple interfaces and collect data from any network topology. In this lab, you will learn how to: Capture Passwords of Local Interface and Capture traffic from Remote Interface Lab Description: Data traversing an HTTP channel is prone to MITM attacks, as it flows in plain-text format. Network administrators can use sniffers to troubleshoot network problems, examine security problems, and debug protocol implementations. However, an attacker can use tools such as Wireshark and sniffs the traffic flowing between the clien ...

Bildung
1 von 4
Virtual Labs: Sniffing Consider what you have learned so far about Sniffing as you review the objectives and scenario below. Complete the lab that follows on EC-Council's website using the link below. Objective Sniffing is performed to collect basic information from the target and its network. It helps to find vulnerabilities and select exploits for an attack. It determines the network, system, and organizational information. The objective of this lab is to make students learn to sniff a network and analyze packets for any attacks on the network. The primary objectives of this lab are to: Sniff the network Analyze incoming and outgoing packets Troubleshoot the network for performance Secure the network from attacks Scenario “Sniffing” is the process of monitoring and capturing data packets passing through a given network using software or hardware devices. There are two types of sniffing: passive and active.
Passive sniffing refers to sniffing on a hub-based network; active sniffing refers to sniffing on a switch-based network. Although passive sniffing was predominant in earlier days, proper network-securing architecture has been implemented (switch-based network) to mitigate this kind of attack. However, it contains a few loopholes in switch-based network implementation that can open doors for an attacker to sniff network traffic. Attackers hack the network using sniffers, where he/she mainly targets the protocols vulnerable to sniffing. Some of the protocols vulnerable to sniffing include HTTP, FTP, SMTP, POP, and so on. The sniffed traffic comprises FTP and Telnet passwords, chat sessions, email and web traffic, DNS traffic, and so on. Once attackers obtain such sensitive information, they might attempt to impersonate target user sessions. Thus, it is essential to assess the security of the network’s infrastructure, find the loopholes in it and patch them up to ensure a secure network environment. So, as an ethical hacker/penetration tester, your duties include: Implementing network auditing tools such as Wireshark, and Cain & Abel, etc. in an attempt to find loopholes in the network. Using security tools such as PromqryUI to detect attacks on the network, and so on. The lab this week will provide you with real-time experience in sniffing. Week 6 Lab Assignment 1: Sniffing Passwords Using Auditing
Tools Lab Task: The objective of this lab is to demonstrate sniffing to capture traffic from multiple interfaces and collect data from any network topology. In this lab, you will learn how to: Capture Passwords of Local Interface and Capture traffic from Remote Interface Lab Description: Data traversing an HTTP channel is prone to MITM attacks, as it flows in plain-text format. Network administrators can use sniffers to troubleshoot network problems, examine security problems, and debug protocol implementations. However, an attacker can use tools such as Wireshark and sniffs the traffic flowing between the client and the server. This traffic obtained by the attacker might contain sensitive information such as login credentials, which can be used to perform malicious activities such as user-session impersonation. As an ethical hacker, you need to perform network security assessments and suggest proper troubleshooting techniques to mitigate attacks. This lab gives you hands-on experience of how to use Wireshark to sniff network traffic and capture it on a remote interface.
Password sniffing uses various techniques to monitor networks to obtain user passwords. Networks use broadcast technology to send data. Data transmits through the broadcast network, which can be read from another computer present on the network. Usually, all the computers except that of the recipient will notice that the message is not meant for them and ignore them. Many computers are programmed to look at every message on the network. If someone misuses the facility, they can view messages not intended for them. Access the lab here: EC-Council | iLabs (Links to an external site.) Submit proof of this assignment completion by uploading and submitting a screenshot of the graded lab from EC-Council Labs. Refer to the Course Projects page for more information on project submissions.

Empfohlen

Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for AssociatesSyed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri
 
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdfA Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
Jessica Thompson
 
Final project.ppt
Final project.pptFinal project.ppt
Final project.ppt
shreyng
 
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxINTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
SuhailShaik16
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
Nezar Alazzabi
 
Network forensics
Network forensicsNetwork forensics
Network forensics
ArthyR3
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain Essay
Karen Oliver
 
Internet Worm Classification and Detection using Data Mining Techniques
Internet Worm Classification and Detection using Data Mining TechniquesInternet Worm Classification and Detection using Data Mining Techniques
Internet Worm Classification and Detection using Data Mining Techniques
iosrjce
 

Empfohlen

Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for AssociatesSyed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri
 
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdfA Deeper Look into Network Traffic Analysis using Wireshark.pdf
A Deeper Look into Network Traffic Analysis using Wireshark.pdf
Jessica Thompson
 
Final project.ppt
Final project.pptFinal project.ppt
Final project.ppt
shreyng
 
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxINTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
SuhailShaik16
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
Nezar Alazzabi
 
Network forensics
Network forensicsNetwork forensics
Network forensics
ArthyR3
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain Essay
Karen Oliver
 
Internet Worm Classification and Detection using Data Mining Techniques
Internet Worm Classification and Detection using Data Mining TechniquesInternet Worm Classification and Detection using Data Mining Techniques
Internet Worm Classification and Detection using Data Mining Techniques
iosrjce
 
L017317681
L017317681L017317681
L017317681
IOSR Journals
 
packet-sniffing-switched-environment-244
packet-sniffing-switched-environment-244packet-sniffing-switched-environment-244
packet-sniffing-switched-environment-244
Tom King
 
Cyber warfare introduction
Cyber warfare introductionCyber warfare introduction
Cyber warfare introduction
jagadeesh katla
 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical Hacking
Sripati Mahapatra
 
Running Head Security Assessment Repot (SAR) .docx
Running Head Security Assessment Repot (SAR) .docxRunning Head Security Assessment Repot (SAR) .docx
Running Head Security Assessment Repot (SAR) .docx
SUBHI7
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and la
ShainaBoling829
 
Hacking
HackingHacking
Hacking
gvsai501
 
Hacking
HackingHacking
Hacking
gvsai501
 
Module 7 (sniffers)
Module 7 (sniffers)Module 7 (sniffers)
Module 7 (sniffers)
Wail Hassan
 
A Study Of Open Ports As Security Vulnerabilities In Common User Computers
A Study Of Open Ports As Security Vulnerabilities In Common User ComputersA Study Of Open Ports As Security Vulnerabilities In Common User Computers
A Study Of Open Ports As Security Vulnerabilities In Common User Computers
Joshua Gorinson
 
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
IOSR Journals
 
Net Defender
Net DefenderNet Defender
Net Defender
krishna maddikara
 
A proposed architecture for network
A proposed architecture for networkA proposed architecture for network
A proposed architecture for network
IJCNCJournal
 
Intrusion Detection Systems By Anamoly-Based Using Neural Network
Intrusion Detection Systems By Anamoly-Based Using Neural NetworkIntrusion Detection Systems By Anamoly-Based Using Neural Network
Intrusion Detection Systems By Anamoly-Based Using Neural Network
IOSR Journals
 
Hacking
HackingHacking
Hacking
rameswara reddy venkat
 
Hacking
HackingHacking
Hacking
Roshan Chaudhary
 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration Testing
ANURAG CHAKRABORTY
 
On-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-SystemOn-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-System
Sarah Rudd
 
Network Vulnerability and Patching
Network Vulnerability and PatchingNetwork Vulnerability and Patching
Network Vulnerability and Patching
Emmanuel Udeagha B.
 
Formative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksFormative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering Attacks
DamaineFranklinMScBE
 
Explain in your own words why it is important to read a statistical .docx
Explain in your own words why it is important to read a statistical .docxExplain in your own words why it is important to read a statistical .docx
Explain in your own words why it is important to read a statistical .docx
AlleneMcclendon878
 
Explain how Matthew editedchanged Marks Gospel for each of the fol.docx
Explain how Matthew editedchanged Marks Gospel for each of the fol.docxExplain how Matthew editedchanged Marks Gospel for each of the fol.docx
Explain how Matthew editedchanged Marks Gospel for each of the fol.docx
AlleneMcclendon878
 

Weitere ähnliche Inhalte

Ähnlich wie Virtual Labs SniffingConsider what you have learned so far

packet-sniffing-switched-environment-244
packet-sniffing-switched-environment-244packet-sniffing-switched-environment-244
packet-sniffing-switched-environment-244
Tom King
 
Running Head Security Assessment Repot (SAR) .docx
Running Head Security Assessment Repot (SAR) .docxRunning Head Security Assessment Repot (SAR) .docx
Running Head Security Assessment Repot (SAR) .docx
SUBHI7
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and la
ShainaBoling829
 
Module 7 (sniffers)
Module 7 (sniffers)Module 7 (sniffers)
Module 7 (sniffers)
Wail Hassan
 
A proposed architecture for network
A proposed architecture for networkA proposed architecture for network
A proposed architecture for network
IJCNCJournal
 
Intrusion Detection Systems By Anamoly-Based Using Neural Network
Intrusion Detection Systems By Anamoly-Based Using Neural NetworkIntrusion Detection Systems By Anamoly-Based Using Neural Network
Intrusion Detection Systems By Anamoly-Based Using Neural Network
IOSR Journals
 
On-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-SystemOn-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-System
Sarah Rudd
 
Network Vulnerability and Patching
Network Vulnerability and PatchingNetwork Vulnerability and Patching
Network Vulnerability and Patching
Emmanuel Udeagha B.
 

Ähnlich wie Virtual Labs SniffingConsider what you have learned so far (20)

L017317681
L017317681L017317681
L017317681
 
packet-sniffing-switched-environment-244
packet-sniffing-switched-environment-244packet-sniffing-switched-environment-244
packet-sniffing-switched-environment-244
 
Cyber warfare introduction
Cyber warfare introductionCyber warfare introduction
Cyber warfare introduction
 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical Hacking
 
Running Head Security Assessment Repot (SAR) .docx
Running Head Security Assessment Repot (SAR) .docxRunning Head Security Assessment Repot (SAR) .docx
Running Head Security Assessment Repot (SAR) .docx
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and la
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Module 7 (sniffers)
Module 7 (sniffers)Module 7 (sniffers)
Module 7 (sniffers)
 
A Study Of Open Ports As Security Vulnerabilities In Common User Computers
A Study Of Open Ports As Security Vulnerabilities In Common User ComputersA Study Of Open Ports As Security Vulnerabilities In Common User Computers
A Study Of Open Ports As Security Vulnerabilities In Common User Computers
 
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
Detection of Session Hijacking and IP Spoofing Using Sensor Nodes and Cryptog...
 
Net Defender
Net DefenderNet Defender
Net Defender
 
A proposed architecture for network
A proposed architecture for networkA proposed architecture for network
A proposed architecture for network
 
Intrusion Detection Systems By Anamoly-Based Using Neural Network
Intrusion Detection Systems By Anamoly-Based Using Neural NetworkIntrusion Detection Systems By Anamoly-Based Using Neural Network
Intrusion Detection Systems By Anamoly-Based Using Neural Network
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration Testing
 
On-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-SystemOn-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-System
 
Network Vulnerability and Patching
Network Vulnerability and PatchingNetwork Vulnerability and Patching
Network Vulnerability and Patching
 
Formative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksFormative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering Attacks
 

Mehr von AlleneMcclendon878

Explain how Matthew editedchanged Marks Gospel for each of the fol.docx
Explain how Matthew editedchanged Marks Gospel for each of the fol.docxExplain how Matthew editedchanged Marks Gospel for each of the fol.docx
Explain how Matthew editedchanged Marks Gospel for each of the fol.docx
AlleneMcclendon878
 
explain the different roles of basic and applied researchdescribe .docx
explain the different roles of basic and applied researchdescribe .docxexplain the different roles of basic and applied researchdescribe .docx
explain the different roles of basic and applied researchdescribe .docx
AlleneMcclendon878
 
Experimental Design AssignmentYou were given an Aedesaegyp.docx
Experimental Design AssignmentYou were given an Aedesaegyp.docxExperimental Design AssignmentYou were given an Aedesaegyp.docx
Experimental Design AssignmentYou were given an Aedesaegyp.docx
AlleneMcclendon878
 
Exercise 7 Use el pronombre y la forma correcta del verbo._.docx
Exercise 7 Use el pronombre y la forma correcta del verbo._.docxExercise 7 Use el pronombre y la forma correcta del verbo._.docx
Exercise 7 Use el pronombre y la forma correcta del verbo._.docx
AlleneMcclendon878
 
Exercise 21-8 (Part Level Submission)The following facts pertain.docx
Exercise 21-8 (Part Level Submission)The following facts pertain.docxExercise 21-8 (Part Level Submission)The following facts pertain.docx
Exercise 21-8 (Part Level Submission)The following facts pertain.docx
AlleneMcclendon878
 

Mehr von AlleneMcclendon878 (20)

Explain in your own words why it is important to read a statistical .docx
Explain in your own words why it is important to read a statistical .docxExplain in your own words why it is important to read a statistical .docx
Explain in your own words why it is important to read a statistical .docx
 
Explain how Matthew editedchanged Marks Gospel for each of the fol.docx
Explain how Matthew editedchanged Marks Gospel for each of the fol.docxExplain how Matthew editedchanged Marks Gospel for each of the fol.docx
Explain how Matthew editedchanged Marks Gospel for each of the fol.docx
 
Explain the degree to which media portrayal of crime relates to publ.docx
Explain the degree to which media portrayal of crime relates to publ.docxExplain the degree to which media portrayal of crime relates to publ.docx
Explain the degree to which media portrayal of crime relates to publ.docx
 
Explain the difference between genotype and phenotype. Give an examp.docx
Explain the difference between genotype and phenotype. Give an examp.docxExplain the difference between genotype and phenotype. Give an examp.docx
Explain the difference between genotype and phenotype. Give an examp.docx
 
Explain the history behind the Black Soldier of the Civil War In t.docx
Explain the history behind the Black Soldier of the Civil War In t.docxExplain the history behind the Black Soldier of the Civil War In t.docx
Explain the history behind the Black Soldier of the Civil War In t.docx
 
Explain the fundamental reasons why brands do not exist in isolation.docx
Explain the fundamental reasons why brands do not exist in isolation.docxExplain the fundamental reasons why brands do not exist in isolation.docx
Explain the fundamental reasons why brands do not exist in isolation.docx
 
Explain the difference between hypothetical and categorical imperati.docx
Explain the difference between hypothetical and categorical imperati.docxExplain the difference between hypothetical and categorical imperati.docx
Explain the difference between hypothetical and categorical imperati.docx
 
Explain in 100 words provide exampleThe capital budgeting decisi.docx
Explain in 100 words provide exampleThe capital budgeting decisi.docxExplain in 100 words provide exampleThe capital budgeting decisi.docx
Explain in 100 words provide exampleThe capital budgeting decisi.docx
 
Explain how Supreme Court decisions influenced the evolution of the .docx
Explain how Supreme Court decisions influenced the evolution of the .docxExplain how Supreme Court decisions influenced the evolution of the .docx
Explain how Supreme Court decisions influenced the evolution of the .docx
 
Explain how an offender is classified according to risk when he or s.docx
Explain how an offender is classified according to risk when he or s.docxExplain how an offender is classified according to risk when he or s.docx
Explain how an offender is classified according to risk when he or s.docx
 
Explain a lesson plan. Describe the different types of information.docx
Explain a lesson plan. Describe the different types of information.docxExplain a lesson plan. Describe the different types of information.docx
Explain a lesson plan. Describe the different types of information.docx
 
explain the different roles of basic and applied researchdescribe .docx
explain the different roles of basic and applied researchdescribe .docxexplain the different roles of basic and applied researchdescribe .docx
explain the different roles of basic and applied researchdescribe .docx
 
Explain the basics of inspirational and emotion-provoking communicat.docx
Explain the basics of inspirational and emotion-provoking communicat.docxExplain the basics of inspirational and emotion-provoking communicat.docx
Explain the basics of inspirational and emotion-provoking communicat.docx
 
Explain how leaders develop through self-awareness and self-discipli.docx
Explain how leaders develop through self-awareness and self-discipli.docxExplain how leaders develop through self-awareness and self-discipli.docx
Explain how leaders develop through self-awareness and self-discipli.docx
 
Explain five ways that you can maintain professionalism in the meeti.docx
Explain five ways that you can maintain professionalism in the meeti.docxExplain five ways that you can maintain professionalism in the meeti.docx
Explain five ways that you can maintain professionalism in the meeti.docx
 
Explain security awareness and its importance.Your response should.docx
Explain security awareness and its importance.Your response should.docxExplain security awareness and its importance.Your response should.docx
Explain security awareness and its importance.Your response should.docx
 
Experimental Design AssignmentYou were given an Aedesaegyp.docx
Experimental Design AssignmentYou were given an Aedesaegyp.docxExperimental Design AssignmentYou were given an Aedesaegyp.docx
Experimental Design AssignmentYou were given an Aedesaegyp.docx
 
Expand your website plan.Select at least three interactive fea.docx
Expand your website plan.Select at least three interactive fea.docxExpand your website plan.Select at least three interactive fea.docx
Expand your website plan.Select at least three interactive fea.docx
 
Exercise 7 Use el pronombre y la forma correcta del verbo._.docx
Exercise 7 Use el pronombre y la forma correcta del verbo._.docxExercise 7 Use el pronombre y la forma correcta del verbo._.docx
Exercise 7 Use el pronombre y la forma correcta del verbo._.docx
 
Exercise 21-8 (Part Level Submission)The following facts pertain.docx
Exercise 21-8 (Part Level Submission)The following facts pertain.docxExercise 21-8 (Part Level Submission)The following facts pertain.docx
Exercise 21-8 (Part Level Submission)The following facts pertain.docx
 

Kürzlich hochgeladen

Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
Association for Project Management
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Kürzlich hochgeladen (20)

TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 

Virtual Labs SniffingConsider what you have learned so far

  • 1. Virtual Labs: Sniffing Consider what you have learned so far about Sniffing as you review the objectives and scenario below. Complete the lab that follows on EC-Council's website using the link below. Objective Sniffing is performed to collect basic information from the target and its network. It helps to find vulnerabilities and select exploits for an attack. It determines the network, system, and organizational information. The objective of this lab is to make students learn to sniff a network and analyze packets for any attacks on the network. The primary objectives of this lab are to: Sniff the network Analyze incoming and outgoing packets Troubleshoot the network for performance Secure the network from attacks Scenario “Sniffing” is the process of monitoring and capturing data packets passing through a given network using software or hardware devices. There are two types of sniffing: passive and active.
  • 2. Passive sniffing refers to sniffing on a hub-based network; active sniffing refers to sniffing on a switch-based network. Although passive sniffing was predominant in earlier days, proper network-securing architecture has been implemented (switch-based network) to mitigate this kind of attack. However, it contains a few loopholes in switch-based network implementation that can open doors for an attacker to sniff network traffic. Attackers hack the network using sniffers, where he/she mainly targets the protocols vulnerable to sniffing. Some of the protocols vulnerable to sniffing include HTTP, FTP, SMTP, POP, and so on. The sniffed traffic comprises FTP and Telnet passwords, chat sessions, email and web traffic, DNS traffic, and so on. Once attackers obtain such sensitive information, they might attempt to impersonate target user sessions. Thus, it is essential to assess the security of the network’s infrastructure, find the loopholes in it and patch them up to ensure a secure network environment. So, as an ethical hacker/penetration tester, your duties include: Implementing network auditing tools such as Wireshark, and Cain & Abel, etc. in an attempt to find loopholes in the network. Using security tools such as PromqryUI to detect attacks on the network, and so on. The lab this week will provide you with real-time experience in sniffing. Week 6 Lab Assignment 1: Sniffing Passwords Using Auditing
  • 3. Tools Lab Task: The objective of this lab is to demonstrate sniffing to capture traffic from multiple interfaces and collect data from any network topology. In this lab, you will learn how to: Capture Passwords of Local Interface and Capture traffic from Remote Interface Lab Description: Data traversing an HTTP channel is prone to MITM attacks, as it flows in plain-text format. Network administrators can use sniffers to troubleshoot network problems, examine security problems, and debug protocol implementations. However, an attacker can use tools such as Wireshark and sniffs the traffic flowing between the client and the server. This traffic obtained by the attacker might contain sensitive information such as login credentials, which can be used to perform malicious activities such as user-session impersonation. As an ethical hacker, you need to perform network security assessments and suggest proper troubleshooting techniques to mitigate attacks. This lab gives you hands-on experience of how to use Wireshark to sniff network traffic and capture it on a remote interface.
  • 4. Password sniffing uses various techniques to monitor networks to obtain user passwords. Networks use broadcast technology to send data. Data transmits through the broadcast network, which can be read from another computer present on the network. Usually, all the computers except that of the recipient will notice that the message is not meant for them and ignore them. Many computers are programmed to look at every message on the network. If someone misuses the facility, they can view messages not intended for them. Access the lab here: EC-Council | iLabs (Links to an external site.) Submit proof of this assignment completion by uploading and submitting a screenshot of the graded lab from EC-Council Labs. Refer to the Course Projects page for more information on project submissions.