lab 1 packet sniffing and wireshark
play

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State - PowerPoint PPT Presentation

Jan 12, 2023 •32 likes •172 views

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber Security Prac@ce 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs)

  1. Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber Security Prac@ce 1

  2. Packet Sniffer • Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing (“sniffs”) packets being sent/received from/ by your computer • A packet sniffer itself is passive • Displaying the contents of the various protocol fields in these captured packets, but never sending packets itself Wayne State University CSC 5991 Cyber Security Prac@ce 2

  3. Packet Sniffer Structure Wayne State University CSC 5991 Cyber Security Prac@ce 3

  4. Packet Sniffer (cont’d) • Applica@ons ( web browsers, FTP clients, email clients ) • Network protocols (Internet protocol) • Packet capture – The packet capture library receives a copy of every link-layer frame that is sent from or received by your computer • Packet Analyzer – Displaying the contents of all fields within a protocol message – Understanding the structure of all messages exchanged by protocols – IP, TCP, HTTP headers • Wireshark, TCPDump Wayne State University CSC 5991 Cyber Security Prac@ce 4

  5. TCP/IP Network Stack • TCP/IP is the most commonly used network model for Internet services. • Because its most important protocols, the Transmission Control Protocol (TCP) and the Internet Protocol (IP) were the first networking protocols defined in this standard, it is named as TCP/IP. • It contains mul@ple layers including: – Applica@on layer – Transport layer – Network layer – Data link layer Wayne State University CSC 5991 Cyber Security Prac@ce 5

  6. An Example Layered Approach Wayne State University CSC 5991 Cyber Security Prac@ce 6

  7. Network Layers Wayne State University CSC 5991 Cyber Security Prac@ce 7

  8. Applica@on Layer • The applica@on layer includes the protocols used by most applica@ons for providing user services • Examples of applica@on layer protocols are Hypertext Transfer Protocol (HTTP), Secure Shell (SSH), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP) Wayne State University CSC 5991 Cyber Security Prac@ce 8

  9. Transport Layer • The transport layer establishes process-to-process connec@vity, and it provides end-to-end services that are independent of underlying user data. • To implement the process-to-process communica@on, the protocol introduces a concept of port. The examples of transport layer protocols are Transport Control Protocol (TCP) and User Datagram Protocol (UDP). • The TCP provides flow control, connec@on establishment, and reliable transmission of data, while the UDP is a connec@onless transmission model. Wayne State University CSC 5991 Cyber Security Prac@ce 9

  10. Internet Layer • The Internet layer is responsible for sending packets to across networks. • It has two func@ons: 1) Host iden@fica@on by using IP addressing system (IPv4 and IPv6); and 2) packets rou@ng from source to des@na@on. • The examples of Internet layer protocols are Internet Protocol (IP), Internet Control Message Protocol (ICMP), and Address Resolu@on Protocol (ARP). Wayne State University CSC 5991 Cyber Security Prac@ce 10

  11. Link Layer • The link layer defines the networking methods within the scope of the local network link. • It is used to move the packets between two hosts on the same link. An common example of link layer protocols is Ethernet. Wayne State University CSC 5991 Cyber Security Prac@ce 11

  12. Data Encapsula@on in Network Stack Wayne State University CSC 5991 Cyber Security Prac@ce 12

  13. Lab 0 • Sign the CSC 5991 Cyber Security Prac@ce Class Student Agreement • Make sure you can login as CSC 5991 student on Zero Client – Using your WSU access ID and password – Providing VM images for lab experiments Wayne State University CSC 5991 Cyber Security Prac@ce 13

  14. Lab 0 (cont’d) • Subscribe course mailing-list csc5991-security@lists.wayne.edu – List Home page (web interface for subscribers to join/ leave list, post messages, view archives): hip://lists.wayne.edu/cgi-bin/wa?A0=csc5991-security • Send an email to the list to introduce yourself by next class • Send a zipped test.txt file on Backboard by this week Wayne State University CSC 5991 Cyber Security Prac@ce 14

Recommend

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs) packets being

485 views • 13 slides
Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber Security Practice 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs)

593 views • 14 slides
Network Network sniffing sniffing packet capture and analysis packet

Network Network sniffing sniffing packet capture and analysis packet

Network Network sniffing sniffing packet capture and analysis packet capture and analysis October 2, 2020 Administrative submittal instructions submittal instructions Administrative answer the lab

366 views • 17 slides
Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's

Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's

Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's network Interface card, which then filters packets based on the MAC address. A network packet has multiple concatenated components. 2 How Packets

626 views • 39 slides
Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the

Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the

Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer Security: A Hands on Approach by Wenliang Du Shared Networks Every network packet reaches every computer's network Interface

960 views • 59 slides
Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What?

Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What?

Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What? One of the best open source packet analyzers available today Captures network packets and tries to display content as detailed as possible

338 views • 5 slides
How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO

How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO

How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO Agenda What is tcpdump? Lab set-up tcpdump usage Output breakdown Saving to file Filtering (host, port, traffic

582 views • 11 slides
Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark

Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark

Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark https://courses.cs.washington.edu/courses/cse461/20au/section-data/461-demo.pcap Open this file in wireshark

622 views • 26 slides
Wireshark Tutorial Chris Neasbitt UGA Dept. of Computer Science Contents Introduction

Wireshark Tutorial Chris Neasbitt UGA Dept. of Computer Science Contents Introduction

Wireshark Tutorial Chris Neasbitt UGA Dept. of Computer Science Contents Introduction What is a network trace? What is Wireshark? Basic UI Some of the most useful parts of the UI. Packet Capture How do we capture

1.05k views • 27 slides
Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9

Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9

Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9 ISO/OSI+DoD model wireshark +4fd9 T opics for our workshop Network layer models Ethernet, WiFi Layer3: ARP, ICMP, IPv4, IPv6 Layer4:

812 views • 44 slides
Section ?: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark (Not that) advanced

Section ?: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark (Not that) advanced

Section ?: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark (Not that) advanced SSH ssh user@server -p port SSH Keys SSH Encryption SSH uses symmetrical encryption The session key is negotiated securely under

530 views • 25 slides
TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview Last time Today TCP/IP Attacks IP Sniffing Ethernet Spoofing ARP Hijacking (ARP) Tools/libraries Libnet,

729 views • 37 slides
Wireshark Drinking straight from the network hose Wireshark Drinking straight from the network

Wireshark Drinking straight from the network hose Wireshark Drinking straight from the network

Wireshark Drinking straight from the network hose Wireshark Drinking straight from the network hose Md. Abdul Awal TEIN Application Workshop 2017 BdREN University of Dhaka awal@bdren.net.bd December 11, 2017 These materials are licensed

612 views • 31 slides
Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

1/24/2012 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Network Security Lecture 5 Eike Ritter Network

281 views • 7 slides
Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator developed by Dennis Frezzo and his team at Cisco Systems. Packet Tracer (PT) is a powerful and dynamic tool that displays the various protocols used in

419 views • 17 slides
TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Eike Ritter Network Security -

881 views • 38 slides
CSE 484 / CSE M 584 Computer Security: SQL, Wireshark, and Policy TA: Thomas Crosley

CSE 484 / CSE M 584 Computer Security: SQL, Wireshark, and Policy TA: Thomas Crosley

CSE 484 / CSE M 584 Computer Security: SQL, Wireshark, and Policy TA: Thomas Crosley tcrosley@cs SQL Review Structured Query Language (SQL) used to communicate with databases Standard SQL commands SELECT, INSERT, UPDATE, DELETE, DROP

771 views • 12 slides
University of Warwick Sniffing out Tuberculosis Dr J.A. Covington Biomedical Sensors Lab School

University of Warwick Sniffing out Tuberculosis Dr J.A. Covington Biomedical Sensors Lab School

University of Warwick Sniffing out Tuberculosis Dr J.A. Covington Biomedical Sensors Lab School of Engineering A life in smell H 2 Flow Sensor Filter Detector Motivation Point of care Rapid Patient acceptable

474 views • 14 slides
Cyber@UC Meeting 49 Systems Exploitation: Sniffing, Man in the Middle, etc If Youre New!

Cyber@UC Meeting 49 Systems Exploitation: Sniffing, Man in the Middle, etc If Youre New!

Cyber@UC Meeting 49 Systems Exploitation: Sniffing, Man in the Middle, etc If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees:

464 views • 21 slides
Packet Radio Lee Maddox, N4HOK What is Packet Radio? Packet radio is the connection of a computer

Packet Radio Lee Maddox, N4HOK What is Packet Radio? Packet radio is the connection of a computer

03/11/2017 Packet Radio Lee Maddox, N4HOK What is Packet Radio? Packet radio is the connection of a computer to a radio for the transmission of digital data via amateur radio. It is another mode of operation that has a multitude of uses, such as

571 views • 17 slides
How to (passively) measure? Packet Monitoring 1 What to expect? Overview / What is packet

How to (passively) measure? Packet Monitoring 1 What to expect? Overview / What is packet

How to (passively) measure? Packet Monitoring 1 What to expect? Overview / What is packet monitor? How to acquire the data Handling performance bottlenecks Case Study: Packet Capture Performance Analyzing the transport and

487 views • 37 slides
CSE 484 / CSE M 584 Computer Security: iOS, Wireless Security & Wireshark TA: Adrian Sham

CSE 484 / CSE M 584 Computer Security: iOS, Wireless Security & Wireshark TA: Adrian Sham

CSE 484 / CSE M 584 Computer Security: iOS, Wireless Security & Wireshark TA: Adrian Sham adrsham@cs With material from Franzi and Bens slides Logistics / Reminders Tomorrow Ian will introduce more tools you will need for Lab #3

318 views • 11 slides
Packet Information IMPORTANT LABEL ON RIGHT HAND SIDE OF PACKET Shoe, Gym 11111 (Student ID #)

Packet Information IMPORTANT LABEL ON RIGHT HAND SIDE OF PACKET Shoe, Gym 11111 (Student ID #)

Curriculum & Activities Night Class of 2020 Packet Information IMPORTANT LABEL ON RIGHT HAND SIDE OF PACKET Shoe, Gym 11111 (Student ID #) Feeder School Name NEON GREEN sticker on front of packet = MISSING EXPLORE Appointment date

99 views • 6 slides
Smartcard protocol sniffing Introduction to the theoretical and practical issues involved in

Smartcard protocol sniffing Introduction to the theoretical and practical issues involved in

Introduction Logging the communication Re-engineering the protocol Creating a simulacrum Smartcard protocol sniffing Introduction to the theoretical and practical issues involved in cloning/simulating existing smartcards Bernd Fix,

768 views • 60 slides

More recommend