Sniffing

Sniffing


In this blog you are going to learn what is sniffing ? types of sniffing, tools and protocols that are vulnerable to sniffing attacks.

Sniffing is the process of monitoring and capturing all the packets through a given network. This work is assigned to network/system administrator to monitor network traffic. Attackers use this method to capture data packets containing sensitive information such as passwords, account information etc. Sniffers can be hardware or software. It is also called as wiretapping because you may have seen this situation where a third person bugs a telephone line to hear a conversation, it's the same method only an attacker sniffs network in this case.










Types of Sniffing 

Now you are going to see what are the types of sniffing.
  • Active Sniffing
  • Passive Sniffing

Active Sniffing : 

If an attacker tries active sniffing it will lock, monitor and also alter the data packets in some way. Active sniffing is used to sniff a switch-based network. It involves injecting address resolution packets into target network to flood on the switch content addressable memory (CAM) table. CAM keeps track of which host is connected.

Active Sniffing Techniques

MAC Flooding
DHCP Attacks
DNS Poisoning
ARP Poisoning
Spoofing Attacks

Passive Sniffing : 

In Passive Sniffing the packets can be monitored it cannot be altered in any way. It works with hub devices. On a hub device the traffic is sent to all the ports. In a network that uses hubs to connect systems, all host on the network can see the traffic therefore an attacker can capture traffic going through. But today most modern networks use switches hence passive sniffing is no more effective.








Sniffing Tools 


  • BetterCAP
  • Ettercap
  • Wireshark
  • Tcpdump
  • WinDump

Protocols that are vulnerable to sniffing attacks


HTTP - It sends information in plain text thus a real target.

SMTP - It is used in transferring emails.

NNTP - It is used in all types of communication and sends data in plain text.

POP - It is used to receive emails from servers.

FTP - It is used in sending and receiving files.

IMAP - same as SMTP but more vulnerable.

Telnet - Sends everything (usernames, passwords, keystrokes) over the network in plain text.




Comments

Post a Comment

Popular

Ethical hacking terminologies

Image
Ethical Hacking Terminologies  Following is the list of terms that are frequently used in the field of ethical hacking . If you are not aware of these terms then it would be difficult for you to understand the concept of ethical hacking properly. Thus knowing this will ease your process of going further in this domain. Vulnerability -  A weakness, flaw or loophole in a system, network or any device that can be exploited. Threat -  A danger that can exploit an existing bug or vulnerability to compromise the security of a network system. Attack - An action that is done to extract a sensitive data by getting unauthorized access of a system. Phishing - A process where an attacker creates fake website or url which looks like a legit page but it's to trap the user to get sensitive data. Backdoor -  A hidden entry point which can bypass the authentication process i.e logins and passwords also known as trapdoor. Brute
Read more

OSI model

Image
OSI model OSI model is an acronym for Open Systems Interconnection is used to define how data is transferred from one system to another system in a computer network. Now you may ask how a network is formed? If two computers are connected to each other with LAN cables, connectors and Network Interface Card forms a network. Since the designing and infrastructure won't be similar of two computers the OSI model was introduced by ISO(International Organization for Standardization) in 1984 for a successful communication between computers or networks. OSI model consists of  7 different layers 1. Application layer 2. Presentation layer 3. Session layer 4. Transport layer 5. Network layer 6. Data link layer 7. Physical layer Now I'm going to give a mnemonic to remember the OSI model Please-Do-Not-Throw-Sausage-Pizza-Away, easy right? Application layer - Application layer does not include applications like chrome, firefox instead it incl
Read more

Phases of ethical hacking

Image
Phases of Ethical Hacking  In order to be successful in hacking, a hacker needs to follow some steps or you can say phases which involves 5 crucial stages which helps hackers to make a structured ethical hacking attack. Reconnaissance : This is the first phase of hacking   where an attacker gathers as much information as possible. It is also called as footprinting or information gathering. Information that we collect is divided in three groups - network, host, people. There are two types of reconnaissance  - Active & Passive. Active - Direct communication is involved to gather information about the target. Information can be regarding an individual or an organization so anytime if somebody is taking too much interest on you or your background - Be alert! Tools used to scan a network can be Nmap , Hping , etc Passive - Here indirect communication takes place. Information can be gathered using social media websites or public websites. Scanning :  Here an
Read more