*Note: Keep in mind that the traffic you see is completely dependent upon the
environment the "sniffing" computer resides in. For example, if the network
link you are using is connected to a network hub, you will be able to see all
traffic going through that hub to all other computers on that hub. If, however,
the network link you are using is connected to a switch, you will only be
able to see traffic specifically destined to your connection. There is a way to
"sniff" traffic on a switch to show all traffic to a specific computer or to
every computer on that switch, which will be covered in Chapter 9.
232 Practical Hacking Techniques and Countermeasures
WinDump also allows you to save the output for further analysis by
redirecting it to a file. To do so, type:
windump >> output.txt
In this example, the output will be saved to a file named output.txt. To
stop the application, press Ctrl+C.
Sniffing Traffic 233
By opening the file you can analyze the captured data.
*Note: Attackers are looking for any unencrypted (plain text) data that flows along
the network. Some of the items of interest are:
Usernames
Passwords
E-mails
IP addresses
MAC addresses
Router IP addresses
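
The following is an added example, not code from the book: a short Python audit that reads a saved capture such as output.txt and lists which hosts are still using cleartext services, so those services can be moved to encrypted equivalents. It assumes numeric output (windump -n) in the usual "src.port > dst.port:" form; the port table and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Well-known cleartext service ports and a usual encrypted replacement (illustrative table).
CLEARTEXT = {21: ("FTP", "SFTP/FTPS"), 23: ("Telnet", "SSH"),
             25: ("SMTP", "SMTP with STARTTLS"), 80: ("HTTP", "HTTPS"),
             110: ("POP3", "POP3S"), 143: ("IMAP", "IMAPS")}

# Matches "a.b.c.d.port > a.b.c.d.port:" as printed with -n (assumed output format).
FLOW = re.compile(r"(\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):")

# Constructed sample lines standing in for the contents of output.txt.
SAMPLE = """\
10:15:01.000101 IP 192.168.1.10.1042 > 192.168.1.20.23: P 1:10(9) ack 1 win 64240
10:15:01.000950 IP 192.168.1.20.23 > 192.168.1.10.1042: . ack 10 win 5840
10:15:02.114200 IP 192.168.1.11.1077 > 192.168.1.30.110: P 1:12(11) ack 1 win 64240
10:15:03.500000 IP 192.168.1.10.1050 > 192.168.1.40.443: P 1:100(99) ack 1 win 64240
10:15:04.000000 arp who-has 192.168.1.1 tell 192.168.1.10
""".splitlines()

def cleartext_flows(lines):
    """Count packets per (client, server, port) where the server port is a cleartext service."""
    hits = Counter()
    for line in lines:
        m = FLOW.search(line)
        if not m:
            continue  # ARP, IPv6, name-resolved or truncated lines are skipped
        src, sport, dst, dport = m.group(1), int(m.group(2)), m.group(3), int(m.group(4))
        if dport in CLEARTEXT:
            hits[(src, dst, dport)] += 1
        elif sport in CLEARTEXT:
            hits[(dst, src, sport)] += 1  # reply direction: the server is the source
    return hits

def report(hits):
    """One line per client/server pair, naming the service and its replacement."""
    rows = []
    for (client, server, port), n in sorted(hits.items()):
        name, fix = CLEARTEXT[port]
        rows.append(f"{client} -> {server}:{port} {name} ({n} packets); replace with {fix}")
    return rows

if __name__ == "__main__":
    # For a real capture, pass the file instead: cleartext_flows(open("output.txt"))
    print("\n".join(report(cleartext_flows(SAMPLE))))
```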
Lab 45: Packet Capture - Sniffer
Monitor IP Network Traffic Flow: IPDump2
Prerequisites: None
Countermeasures: Encryption, various sniffer detector applications
Description: The IPDump2 application is a command-line utility that allows
for the monitoring of the network traffic flow.