Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State - - PowerPoint PPT Presentation

lab 1 packet sniffing and wireshark
SMART_READER_LITE
LIVE PREVIEW

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State - - PowerPoint PPT Presentation

Feb 13, 2023 433 likes •598 views

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber Security Practice 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs)

slide-1
SLIDE 1

Lab 1: Packet Sniffing and Wireshark

Fengwei Zhang

Wayne State University Course: Cyber Security Practice 1

slide-2
SLIDE 2

Packet Sniffer

  • Packet sniffer is a basic tool for observing network

packet exchanges in a computer

  • Capturing (“sniffs”) packets being sent/received from/

by your computer

  • A packet sniffer itself is passive
  • Displaying the contents of the various protocol fields in

these captured packets, but never sending packets itself

Wayne State University Course: Cyber Security Practice 2

slide-3
SLIDE 3

Packet Sniffer Structure

Wayne State University Course: Cyber Security Practice 3

slide-4
SLIDE 4

Packet Sniffer (cont’d)

  • Applications ( web browsers, FTP clients, email clients )
  • Network protocols (Internet protocol)
  • Packet capture

– The packet capture library receives a copy of every link-layer frame that is sent from or received by your computer

  • Packet Analyzer

– Displaying the contents of all fields within a protocol message – Understanding the structure of all messages exchanged by protocols – IP, TCP, HTTP headers

  • Wireshark, TCPDump

Wayne State University Course: Cyber Security Practice 4

slide-5
SLIDE 5

TCP/IP Network Stack

  • TCP/IP is the most commonly used network model for

Internet services.

  • Because its most important protocols, the Transmission

Control Protocol (TCP) and the Internet Protocol (IP) were the first networking protocols defined in this standard, it is named as TCP/IP.

  • It contains multiple layers including:

– Application layer – Transport layer – Network layer – Data link layer

Wayne State University Course: Cyber Security Practice 5

slide-6
SLIDE 6

An Example Layered Approach

Wayne State University Course: Cyber Security Practice 6

slide-7
SLIDE 7

Network Layers

Wayne State University Course: Cyber Security Practice 7

slide-8
SLIDE 8

Application Layer

  • The application layer includes the protocols

used by most applications for providing user services

  • Examples of application layer protocols are

Hypertext Transfer Protocol (HTTP), Secure Shell (SSH), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP)

Wayne State University Course: Cyber Security Practice 8

slide-9
SLIDE 9

Transport Layer

  • The transport layer establishes process-to-process

connectivity, and it provides end-to-end services that are independent of underlying user data.

  • To implement the process-to-process communication, the

protocol introduces a concept of port. The examples of transport layer protocols are Transport Control Protocol (TCP) and User Datagram Protocol (UDP).

  • The TCP provides flow control, connection establishment,

and reliable transmission of data, while the UDP is a connectionless transmission model.

Wayne State University Course: Cyber Security Practice 9

slide-10
SLIDE 10

Internet Layer

  • The Internet layer is responsible for sending

packets to across networks.

  • It has two functions: 1) Host identification by

using IP addressing system (IPv4 and IPv6); and 2) packets routing from source to destination.

  • The examples of Internet layer protocols are

Internet Protocol (IP), Internet Control Message Protocol (ICMP), and Address Resolution Protocol (ARP).

Wayne State University Course: Cyber Security Practice 10

slide-11
SLIDE 11

Link Layer

  • The link layer defines the networking methods

within the scope of the local network link.

  • It is used to move the packets between two

hosts on the same link. An common example

  • f link layer protocols is Ethernet.

Wayne State University Course: Cyber Security Practice 11

slide-12
SLIDE 12

Data Encapsulation in Network Stack

Wayne State University Course: Cyber Security Practice 12

slide-13
SLIDE 13

Lab 0

  • Make sure you can login as CSC 5290 student
  • n Zero Client

– Using your WSU access ID and password – Providing VM images for lab experiments

Wayne State University Course: Cyber Security Practice 13

slide-14
SLIDE 14

Lab 0 (cont’d)

  • Subscribe course mailing-list

– csc5290@lists.wayne.edu – List Home page (web interface for subscribers to join/ leave list, post messages, view archives): http://lists.wayne.edu

  • Send an email to the list to introduce yourself by

next class

  • Send a zipped test.txt file on Backboard by this

week

Wayne State University Course: Cyber Security Practice 14