lab 1 packet sniffing and wireshark
play

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 - PowerPoint PPT Presentation

Jul 27, 2023 •352 likes •485 views

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs) packets being

  1. Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1

  2. Packet Sniffer • Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing (“sniffs”) packets being sent/received from/by your computer • A packet sniffer itself is passive • Displaying the contents of the various protocol fields in these captured packets, but never sending packets itself SUSTech CS 315 Computer Security 2

  3. Packet Sniffer Structure SUSTech CS 315 Computer Security 3

  4. Packet Sniffer (cont’d) Applications ( web browsers, FTP clients, email clients ) • Network protocols (Internet protocol) • Packet capture • – The packet capture library receives a copy of every link-layer frame that is sent from or received by your computer Packet Analyzer • – Displaying the contents of all fields within a protocol message – Understanding the structure of all messages exchanged by protocols – IP, TCP, HTTP headers Wireshark, TCPDump • SUSTech CS 315 Computer Security 4

  5. TCP/IP Network Stack • TCP/IP is the most commonly used network model for Internet services. • Because its most important protocols, the Transmission Control Protocol (TCP) and the Internet Protocol (IP) were the first networking protocols defined in this standard, it is named as TCP/IP. • It contains multiple layers including: – Application layer – Transport layer – Network layer – Data link layer SUSTech CS 315 Computer Security 5

  6. An Example Layered Approach SUSTech CS 315 Computer Security 6

  7. Network Layers SUSTech CS 315 Computer Security 7

  8. Application Layer • The application layer includes the protocols used by most applications for providing user services • Examples of application layer protocols are Hypertext Transfer Protocol (HTTP), Secure Shell (SSH), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP) SUSTech CS 315 Computer Security 8

  9. Transport Layer • The transport layer establishes process-to-process connectivity, and it provides end-to-end services that are independent of underlying user data. • To implement the process-to-process communication, the protocol introduces a concept of port. The examples of transport layer protocols are Transport Control Protocol (TCP) and User Datagram Protocol (UDP). • The TCP provides flow control, connection establishment, and reliable transmission of data, while the UDP is a connectionless transmission model. SUSTech CS 315 Computer Security 9

  10. Internet Layer • The Internet layer is responsible for sending packets to across networks. • It has two functions: 1) Host identification by using IP addressing system (IPv4 and IPv6); and 2) packets routing from source to destination. • The examples of Internet layer protocols are Internet Protocol (IP), Internet Control Message Protocol (ICMP), and Address Resolution Protocol (ARP). SUSTech CS 315 Computer Security 10

  11. Link Layer • The link layer defines the networking methods within the scope of the local network link. • It is used to move the packets between two hosts on the same link. An common example of link layer protocols is Ethernet. SUSTech CS 315 Computer Security 11

  12. Data Encapsulation in Network Stack SUSTech CS 315 Computer Security 12

  13. Mailing-list • Subscribe a course mailing-list ? SUSTech CS 315 Computer Security 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber Security Practice 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs)

593 views • 14 slides
Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber Security Prac@ce 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs)

172 views • 14 slides
Network Network sniffing sniffing packet capture and analysis packet

Network Network sniffing sniffing packet capture and analysis packet

Network Network sniffing sniffing packet capture and analysis packet capture and analysis October 2, 2020 Administrative submittal instructions submittal instructions Administrative answer the lab

366 views • 17 slides
Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's

Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's

Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's network Interface card, which then filters packets based on the MAC address. A network packet has multiple concatenated components. 2 How Packets

625 views • 39 slides
Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the

Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the

Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer Security: A Hands on Approach by Wenliang Du Shared Networks Every network packet reaches every computer's network Interface

960 views • 59 slides
Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What?

Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What?

Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What? One of the best open source packet analyzers available today Captures network packets and tries to display content as detailed as possible

338 views • 5 slides
How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO

How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO

How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO Agenda What is tcpdump? Lab set-up tcpdump usage Output breakdown Saving to file Filtering (host, port, traffic

582 views • 11 slides
Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark

Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark

Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark https://courses.cs.washington.edu/courses/cse461/20au/section-data/461-demo.pcap Open this file in wireshark

622 views • 26 slides
Wireshark Tutorial Chris Neasbitt UGA Dept. of Computer Science Contents Introduction

Wireshark Tutorial Chris Neasbitt UGA Dept. of Computer Science Contents Introduction

Wireshark Tutorial Chris Neasbitt UGA Dept. of Computer Science Contents Introduction What is a network trace? What is Wireshark? Basic UI Some of the most useful parts of the UI. Packet Capture How do we capture

1.05k views • 27 slides
Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9

Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9

Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9 ISO/OSI+DoD model wireshark +4fd9 T opics for our workshop Network layer models Ethernet, WiFi Layer3: ARP, ICMP, IPv4, IPv6 Layer4:

812 views • 44 slides
Section ?: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark (Not that) advanced

Section ?: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark (Not that) advanced

Section ?: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark (Not that) advanced SSH ssh user@server -p port SSH Keys SSH Encryption SSH uses symmetrical encryption The session key is negotiated securely under

530 views • 25 slides
TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview Last time Today TCP/IP Attacks IP Sniffing Ethernet Spoofing ARP Hijacking (ARP) Tools/libraries Libnet,

729 views • 37 slides
Wireshark Drinking straight from the network hose Wireshark Drinking straight from the network

Wireshark Drinking straight from the network hose Wireshark Drinking straight from the network

Wireshark Drinking straight from the network hose Wireshark Drinking straight from the network hose Md. Abdul Awal TEIN Application Workshop 2017 BdREN University of Dhaka awal@bdren.net.bd December 11, 2017 These materials are licensed

612 views • 31 slides
Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

1/24/2012 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Network Security Lecture 5 Eike Ritter Network

281 views • 7 slides
Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator developed by Dennis Frezzo and his team at Cisco Systems. Packet Tracer (PT) is a powerful and dynamic tool that displays the various protocols used in

419 views • 17 slides
TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Eike Ritter Network Security -

881 views • 38 slides
B u i l d i n g I P v 6 i n t o y o u r s c h o o l ' s n e t w o

B u i l d i n g I P v 6 i n t o y o u r s c h o o l ' s n e t w o

B u i l d i n g I P v 6 i n t o y o u r s c h o o l ' s n e t w o r k A I S I C T M a n a g e m e n t a n d L e a d e r s h i p C o n f e r e n c e C a n b e r r a 2

1.39k views • 95 slides
Authorization: Firewalls Prof. Tom Austin San Jos State University Networking Basics Network

Authorization: Firewalls Prof. Tom Austin San Jos State University Networking Basics Network

CS 166: Information Security Authorization: Firewalls Prof. Tom Austin San Jos State University Networking Basics Network Includes Computers Servers Routers Wireless devices Etc. Purpose is to transmit data

839 views • 64 slides
Address Resolution ARP, RARP, Proxy ARP (C) Herbert Haas 2005/03/11 Agenda IP Forwarding

Address Resolution ARP, RARP, Proxy ARP (C) Herbert Haas 2005/03/11 Agenda IP Forwarding

Address Resolution ARP, RARP, Proxy ARP (C) Herbert Haas 2005/03/11 Agenda IP Forwarding Principle Address Resolution Protocol (ARP) IP Routing Basics IP Forwarding and ARP RARP Proxy ARP ICMP IP Forwarding and

1.03k views • 74 slides
The Network Network Security Secure against what/whom Security goals Attacker model Same

The Network Network Security Secure against what/whom Security goals Attacker model Same

The Network Network Security Secure against what/whom Security goals Attacker model Same hub `trusted LAN Internet Eavesdrop / block messages / insert messages / ... Typical attacker model security protocol analysis: Attacker

780 views • 63 slides
MAC Addresses and ARP 32-bit IP address: network-layer address Mac Addressing, Ethernet,

MAC Addresses and ARP 32-bit IP address: network-layer address Mac Addressing, Ethernet,

MAC Addresses and ARP 32-bit IP address: network-layer address Mac Addressing, Ethernet, and used to get datagram to destination IP subnet MAC (or LAN or physical or Ethernet) Interconnections address: used to get datagram

424 views • 6 slides
Medium Access Protocols Summary of MAC protocols What do you do with a shared media?

Medium Access Protocols Summary of MAC protocols What do you do with a shared media?

Medium Access Protocols Summary of MAC protocols What do you do with a shared media? Channel Partitioning, by time, frequency or code Time Division,Code Division, Frequency Division Random partitioning (dynamic), ALOHA,

754 views • 40 slides
Computer Communication Networks Link ICEN/ICSI 416 Fall 2017 Prof. Dola Saha 1 Link layer

Computer Communication Networks Link ICEN/ICSI 416 Fall 2017 Prof. Dola Saha 1 Link layer

Computer Communication Networks Link ICEN/ICSI 416 Fall 2017 Prof. Dola Saha 1 Link layer and LANs our goals: understand principles behind link layer services: error detection, correction sharing a broadcast channel: multiple

1.06k views • 89 slides
freeRTOS & lwIP for ZYNQ (and Zedboard) Dr. Heinz Rongen Forschungszentrum Jlich GmbH

freeRTOS & lwIP for ZYNQ (and Zedboard) Dr. Heinz Rongen Forschungszentrum Jlich GmbH

freeRTOS & lwIP for ZYNQ (and Zedboard) Dr. Heinz Rongen Forschungszentrum Jlich GmbH Zentralinstitut Systeme der Elektronik (ZEA-2) H.Rongen@fz-juelich.de Controller (The small ones ) - Single Chip Solutions / Applications -

715 views • 34 slides

More recommend