Sniffing is performed to collect basic information from the target and its network. It helps to find vulnerabilities and select exploits for attack. It determines network information, system information, and organizational information.
Objective
The objective of this lab is to familiarize students with how to sniff a network and analyze packets for any attacks on the network. The primary objectives of this lab are to:
- Sniff the network
- Analyze incoming and outgoing packets
- Troubleshoot the network for performance
Scenario
In information security, sniffing is a technique used to intercept data. Many of the tools that are used to secure a network can also be used by attackers to exploit and compromise the same network. The core objective of sniffing is to steal data, such as sensitive information, email text, etc.
Network sniffing involves intercepting network traffic between two target network nodes and capturing the network packets exchanged between them. A packet sniffer is also referred to as a network monitor. A network administrator uses it legitimately to monitor the network for vulnerabilities by capturing the network traffic and, should there be any issues, to troubleshoot them.
Similarly, attackers can use sniffing tools in promiscuous mode to capture and analyze all the network traffic. Once attackers have captured the network traffic, they can analyze the packets and view the user name and password information in a given network, as this information is transmitted in a cleartext format. An attacker can easily intrude into a network using this login information and compromise other systems on the network.
Hence, it is crucial for a network administrator to be familiar with network traffic analyzers. He or she should be able to maintain and monitor a network to detect rogue packet sniffers, MAC attacks, DHCP attacks, ARP poisoning, spoofing, or DNS poisoning, should know the types of information that can be detected from the captured data, and should use that information to keep the network running smoothly.
Sniffers Exercises
Ethical Hacking Exercises / Sniffers contains the following Exercises:
- Sniffing the Network Using the OmniPeek Network Analyzer
- Spoofing MAC Address Using SMAC
- Sniffing a Network Using the WinArpAttacker Tool
- Sniffing Passwords using Wireshark
- Performing Man-In-The-Middle Attack using Cain & Abel
- Advanced ARP Spoofing Detection using XArp
- Detecting Systems running in Promiscuous mode in a Network using PromqryUI
- Sniffing Password from Captured Packets using Sniff-O-Matic
The Virtual Private Cloud for this Lab set utilizes:
Ethical Hacking Exercises are available as part of the following subscription:
The exercises in this lab map to the Certified Ethical Hacker V10 course. Each subscription provides 6 months of access to 107 different exercises. Each exercise contains a scenario, objectives, and individual step-by-step tasks to guide the user through all steps necessary to complete the exercise.
Lab exercises are included for:
- Footprinting and Reconnaissance
- Scanning Networks
- Enumeration
- Vulnerability Analysis
- System Hacking
- Malware Threats
- Sniffing
- Social Engineering
- Denial of Service
- Session Hijacking
- Evading IDS, Firewalls, and Honeypots
- Hacking Web Servers
- Hacking Web Applications
- SQL Injection
- Hacking Wireless Networks
- Hacking Mobile Platforms
- Cloud Computing
- Cryptography