Empfohlen
Weitere ähnliche Inhalte
Ähnlich wie Internet security.pptx
Ähnlich wie Internet security.pptx (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Internet security.pptx
- 2. Introduction • Password sniffing is an attack on the Internet that is used to steal user names and passwords from the network. • This often happens on public WIFI networks where it is relatively easy to spy on weak or unencrypted traffic. 2
- 3. How it Works? • Sniffer - is a software or hardware tool • Password sniffing is a type of man-in-the-middle (MITM) cyber attack. • The hacker is the “man in the middle” between your computer and the remote database you are trying to access • password sniffing targets remote databases. 3
- 4. Types of Sniffing • Passive sniffing • Active sniffing 4
- 5. Passive Sniffing • Passive sniffing works with hubs. • all devices in a hub receive all the network’s traffic, a sniffer can easily and passively soak up everything that’s being sent. 5
- 6. Active sniffing • This sniffing is carried out through Switch. • attacker tries to poison the switch by sending bogus MAC address 6
- 7. Sniffing software used for? Legitimate uses Criminal uses 7
- 8. Prevention • Not to do anything on a public WI-FI network. • Not expose yourself and private information to open networks. • Use VPN. • Install antivirus software. • Avoid HTTP logins. 8
- 9. Reference RF Wireless World. Difference between active sniffing and passive sniffing. (n.d.). Retrieved March 6, 2022, from https://www.rfwireless- world.com/Terminology/Difference-between-active-sniffing-and-passive- sniffing.html 9
- 10. Thank you ! 10
Hinweis der Redaktion
- Password sniffing is also a type of hacking. In which a software application is used to steal username and password simply by observing and passively recording network traffic. This is often happens in the public wifi where it is easy to spy on the weak traffic. Today, it is mostly historical interest as most protocols nowadays use strong encryption for password. However it used to be the worst security problem on the internet in the 1990s. When news of major password sniffing are almost weekly.
- Password sniffing attack is typically done by the implementing a password sniffer on a LAN. By accessing computer that connected in this network it can be done. Sniffer can be software or hardware that is implemented on the network where hacker have to sniff. It is a small program that listen all the traffic in the attached network and extract the user name and password from the data flow of TCP/IP packets. It just like man in the middle attack. It plays role of man in the middle between your computer and the remote database.
- Attacker does not directly interact with the target. They simply hook on the network and capture all the transmitted and received packets by the networks. It is carried out through through hub. But on thing is that atracker and target should be connected in the same host.
- In this sniffing, attacker directly interact with the targeted machine by sending packets and receiving responds. It is basically done through the switch. Attackers aims to infect the switches by transmitting false MAC address. ARP sppfing , Mac Flooding are examples.
- It can be used as both criminal and legal use. For legal use of the sniffing software, as an example, It professional also use snfiing softarw to find out he weak application which may transmiting critical imformation with out encryption. It is also used for ethical hacking. And for criminal use It can be used by the attacker for their personal benefits. / organizational benefits.