Electronic Books

Scanning
191
In the next example ADM Gates is used to scan a specific server
(spiveytech.com).
*Note: The spiveytech.com domain has no Wingate server installed; this is to show
the syntax of how to scan a specific machine.
*Note: Both the WGateScan and ADM Gate scanners are effective at locating Wingate
servers. The noticeable difference is that the WGateScan is set to specific IP
ranges whereas the ADM Gate scanner is capable of scanning an entire
domain (.com, .edu, .net, etc.).
Chapter 5
Sniffing Traffic
Sniffing Traffic


195
Lab 41: Packet Capture ??” Sniffer
Exploit Data from Network Traffic: Ethereal
Prerequisites:
WinPcap
Countermeasures:
Encryption, various sniffer detector applications
Description:
Ethereal is an excellent sniffer program that allows the capturing
of network packets as they traverse the network to allow the
user to look ???inside??? the packets themselves for information about the
sender and/or receiver. Information that can be useful to an attacker
includes the following:


IP addresses


Hostnames


Routes


Data (much data is sent in clear text; including File Transfer Protocol
(FTP), Telnet, e-mails, etc.).


Protocol information
By capturing packets on the network an attacker can better structure his
or her attack or glean important information from the data collected. Please
remember that all Linux commands are
case sensitive
.
*Note:
Ethereal will be referenced throughout the remainder of this book to verify
the results of other labs.


Pages:
74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98