Академический Документы
Профессиональный Документы
Культура Документы
12
scanning techniques:
-----------------------------------------------------------------------------------
---------------------------------------------
7-sniffing:
it is a process of monitoring and capturing all data packets passing through a
given network using sniffing tools.
sniffer turns NIC of the network system into promiscous mode so that he can listen
to all the data transmitted in the segment.
active sniffing is used to sniff a switch based network
active sniffing like injecting address resolution packets into CAM table.
sniffers operate at the data link layer
wiretapping-ACTIVE & PASSIVE
LAWFUL interception means legally intercepting data comm between two endpoints for
surveillance.
PRISM:Planning tool for resource integration,synchronisation amd management
CAM table stores information of MAC addresses.
MAC FLOODING involves flooding the CAM table WITH FAKE mac addresses and IP pairs
until it is full.
MACOF:Unix tool that floods the CAM table with random MAC addresses.-131000 per
minute.
How DHCP WORKS: DHCP maintains TCP/IP with config parameters and IP addresses,and
duration of the leaseoffered by the server.
dhcp starvation attack: this is denial of service attack on DHCP servers and tries
to lease all the dhcp addresses available.
DHCP starvation attack tools:DHCP starv & YERSINIA.
Rogue DHCP server attack:Attacker sets rogue DHCP server in the network and
responds to DHCP address with bogus IP address.
switch port stealing technique uses MAC flooding to sniff the packets.
attacker floods the switch with forged gratituous ARP PACKETS.
HOW TO DEFEND AGAINST MAC Attacks: configure port security on cisco switch.
Only one MAC Address allowed on switch port.
ufasoft: automated ARP poisoning tools that sniffs passwords on the network and
works on wi-fi network as well.
-----------------------------------------------------------------------------------
------------------------------------------------------------------
MODULE:05 SYSTEM HACKING
packet sniffer tool:gets all info of LAN and raw network traffic.