Electronic Books

There is a way to ???sniff??? traffic on a switch to show all traffic to
specific or every computer on a switch, which will be covered in Chapter 9.
202


Practical Hacking Techniques and Countermeasures
The captured data screen appears. The items listed are as follows:


The Packets are numbered (No.).


Time
the packet was captured after the Start button was clicked.


The
Source
of the packet.


The
Destination
of the packet.


The
Protocol
of the captured packet.


The purpose (
Info
) of the packet.
The small gray area below the packets can be expanded by dragging the
bar up and down. This area identifies the technical specifics of each packet.
The bottom section of the screen shows the data of the packets captured.
This is an important area for viewing the packets.
Sniffing Traffic


203
Click on the
Protocol
column to sort the results based on the packets
captured.
Scroll down on the right side of the screen until you see the FTP protocols
captured. Click on the first FTP protocol packet listed to highlight it.
204


Practical Hacking Techniques and Countermeasures
Right-click on the first
FTP
packet listed and left-click on
Follow TCP Stream
.
Ethereal will now place the packets in order of transmission. In this case,
because FTP is unencrypted (known as clear text) it becomes apparent why using
clear text FTP can become dangerous if an attacker is sniffing your connection.


Pages:
77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101