lab 1 packet sniffing and wireshark
play

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State - PowerPoint PPT Presentation

Jan 12, 2023 •32 likes •172 views

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber Security Prac@ce 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs)

  1. Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber Security Prac@ce 1

  2. Packet Sniffer • Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing (“sniffs”) packets being sent/received from/ by your computer • A packet sniffer itself is passive • Displaying the contents of the various protocol fields in these captured packets, but never sending packets itself Wayne State University CSC 5991 Cyber Security Prac@ce 2

  3. Packet Sniffer Structure Wayne State University CSC 5991 Cyber Security Prac@ce 3

  4. Packet Sniffer (cont’d) • Applica@ons ( web browsers, FTP clients, email clients ) • Network protocols (Internet protocol) • Packet capture – The packet capture library receives a copy of every link-layer frame that is sent from or received by your computer • Packet Analyzer – Displaying the contents of all fields within a protocol message – Understanding the structure of all messages exchanged by protocols – IP, TCP, HTTP headers • Wireshark, TCPDump Wayne State University CSC 5991 Cyber Security Prac@ce 4

  5. TCP/IP Network Stack • TCP/IP is the most commonly used network model for Internet services. • Because its most important protocols, the Transmission Control Protocol (TCP) and the Internet Protocol (IP) were the first networking protocols defined in this standard, it is named as TCP/IP. • It contains mul@ple layers including: – Applica@on layer – Transport layer – Network layer – Data link layer Wayne State University CSC 5991 Cyber Security Prac@ce 5

  6. An Example Layered Approach Wayne State University CSC 5991 Cyber Security Prac@ce 6

  7. Network Layers Wayne State University CSC 5991 Cyber Security Prac@ce 7

  8. Applica@on Layer • The applica@on layer includes the protocols used by most applica@ons for providing user services • Examples of applica@on layer protocols are Hypertext Transfer Protocol (HTTP), Secure Shell (SSH), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP) Wayne State University CSC 5991 Cyber Security Prac@ce 8

  9. Transport Layer • The transport layer establishes process-to-process connec@vity, and it provides end-to-end services that are independent of underlying user data. • To implement the process-to-process communica@on, the protocol introduces a concept of port. The examples of transport layer protocols are Transport Control Protocol (TCP) and User Datagram Protocol (UDP). • The TCP provides flow control, connec@on establishment, and reliable transmission of data, while the UDP is a connec@onless transmission model. Wayne State University CSC 5991 Cyber Security Prac@ce 9

  10. Internet Layer • The Internet layer is responsible for sending packets to across networks. • It has two func@ons: 1) Host iden@fica@on by using IP addressing system (IPv4 and IPv6); and 2) packets rou@ng from source to des@na@on. • The examples of Internet layer protocols are Internet Protocol (IP), Internet Control Message Protocol (ICMP), and Address Resolu@on Protocol (ARP). Wayne State University CSC 5991 Cyber Security Prac@ce 10

  11. Link Layer • The link layer defines the networking methods within the scope of the local network link. • It is used to move the packets between two hosts on the same link. An common example of link layer protocols is Ethernet. Wayne State University CSC 5991 Cyber Security Prac@ce 11

  12. Data Encapsula@on in Network Stack Wayne State University CSC 5991 Cyber Security Prac@ce 12

  13. Lab 0 • Sign the CSC 5991 Cyber Security Prac@ce Class Student Agreement • Make sure you can login as CSC 5991 student on Zero Client – Using your WSU access ID and password – Providing VM images for lab experiments Wayne State University CSC 5991 Cyber Security Prac@ce 13

  14. Lab 0 (cont’d) • Subscribe course mailing-list csc5991-security@lists.wayne.edu – List Home page (web interface for subscribers to join/ leave list, post messages, view archives): hip://lists.wayne.edu/cgi-bin/wa?A0=csc5991-security • Send an email to the list to introduce yourself by next class • Send a zipped test.txt file on Backboard by this week Wayne State University CSC 5991 Cyber Security Prac@ce 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs) packets being

485 views • 13 slides
Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber Security Practice 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs)

593 views • 14 slides
Network Network sniffing sniffing packet capture and analysis packet

Network Network sniffing sniffing packet capture and analysis packet

Network Network sniffing sniffing packet capture and analysis packet capture and analysis October 2, 2020 Administrative submittal instructions submittal instructions Administrative answer the lab

366 views • 17 slides
Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's

Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's

Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's network Interface card, which then filters packets based on the MAC address. A network packet has multiple concatenated components. 2 How Packets

625 views • 39 slides
Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the

Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the

Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer Security: A Hands on Approach by Wenliang Du Shared Networks Every network packet reaches every computer's network Interface

960 views • 59 slides
Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What?

Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What?

Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What? One of the best open source packet analyzers available today Captures network packets and tries to display content as detailed as possible

338 views • 5 slides
How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO

How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO

How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO Agenda What is tcpdump? Lab set-up tcpdump usage Output breakdown Saving to file Filtering (host, port, traffic

582 views • 11 slides
Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark

Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark

Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark https://courses.cs.washington.edu/courses/cse461/20au/section-data/461-demo.pcap Open this file in wireshark

622 views • 26 slides
Wireshark Tutorial Chris Neasbitt UGA Dept. of Computer Science Contents Introduction

Wireshark Tutorial Chris Neasbitt UGA Dept. of Computer Science Contents Introduction

Wireshark Tutorial Chris Neasbitt UGA Dept. of Computer Science Contents Introduction What is a network trace? What is Wireshark? Basic UI Some of the most useful parts of the UI. Packet Capture How do we capture

1.05k views • 27 slides
Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9

Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9

Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9 ISO/OSI+DoD model wireshark +4fd9 T opics for our workshop Network layer models Ethernet, WiFi Layer3: ARP, ICMP, IPv4, IPv6 Layer4:

812 views • 44 slides
Section ?: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark (Not that) advanced

Section ?: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark (Not that) advanced

Section ?: More Wireshark, advanced SSH CSE 461 Computer Networks Wireshark (Not that) advanced SSH ssh user@server -p port SSH Keys SSH Encryption SSH uses symmetrical encryption The session key is negotiated securely under

530 views • 25 slides
TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview Last time Today TCP/IP Attacks IP Sniffing Ethernet Spoofing ARP Hijacking (ARP) Tools/libraries Libnet,

729 views • 37 slides
Wireshark Drinking straight from the network hose Wireshark Drinking straight from the network

Wireshark Drinking straight from the network hose Wireshark Drinking straight from the network

Wireshark Drinking straight from the network hose Wireshark Drinking straight from the network hose Md. Abdul Awal TEIN Application Workshop 2017 BdREN University of Dhaka awal@bdren.net.bd December 11, 2017 These materials are licensed

612 views • 31 slides
Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

1/24/2012 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Network Security Lecture 5 Eike Ritter Network

281 views • 7 slides
Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator developed by Dennis Frezzo and his team at Cisco Systems. Packet Tracer (PT) is a powerful and dynamic tool that displays the various protocols used in

419 views • 17 slides
TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of

TCP/IP: ICMP, UDP Network Security Lecture 5 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Eike Ritter Network Security -

881 views • 38 slides
Trajectory Clustering: Visual Analytics Approaches Gennady Andrienko & Natalia Andrienko y

Trajectory Clustering: Visual Analytics Approaches Gennady Andrienko & Natalia Andrienko y

Trajectory Clustering: Visual Analytics Approaches Gennady Andrienko & Natalia Andrienko y http://geoanalytics.net Outline Similarity measures for trajectories Si il it f t j t i Density-based clustering of trajectories

739 views • 54 slides
Machine Learning 2 DS 4420 - Spring 2020 Clustering I Byron C. Wallace Unsupervised learning

Machine Learning 2 DS 4420 - Spring 2020 Clustering I Byron C. Wallace Unsupervised learning

Machine Learning 2 DS 4420 - Spring 2020 Clustering I Byron C. Wallace Unsupervised learning So far we have reviewed some fundamentals, discussed Maximum Likelihood Estimation (MLE) for probabilistic models, and neural networks/backprop

931 views • 75 slides
Hierarchical Clustering 4/5/17 Hypothesis Space Continuous inputs Output is a binary tree

Hierarchical Clustering 4/5/17 Hypothesis Space Continuous inputs Output is a binary tree

Hierarchical Clustering 4/5/17 Hypothesis Space Continuous inputs Output is a binary tree with data points as leaves. Useful for explaining the training data. Not useful for making new predictions. Direction of Clustering Two

408 views • 17 slides
Measuring distance/ similarity of data objects Multiple data types Records of users

Measuring distance/ similarity of data objects Multiple data types Records of users

Measuring distance/ similarity of data objects Multiple data types Records of users Graphs Images Videos Text (webpages, books) Strings (DNA sequences) Timeseries How do we compare them? Feature space

434 views • 27 slides
Specific Simple Network Management Tools urgen Sch onw J alder University of Osnabr

Specific Simple Network Management Tools urgen Sch onw J alder University of Osnabr

Specific Simple Network Management Tools urgen Sch onw J alder University of Osnabr uck Albrechtstr. 28 49069 Osnabr uck, Germany Tel.: +49 541 969 2483 Email: <schoenw@informatik.uni-osnabrueck.de> Web:

436 views • 18 slides
Linux Kernel AgentX Sub-Agents Oliver Wellnitz wellnitz@ibr.cs.tu-bs.de Institute of Operating

Linux Kernel AgentX Sub-Agents Oliver Wellnitz wellnitz@ibr.cs.tu-bs.de Institute of Operating

Linux Kernel AgentX sub-agents Linux Kernel AgentX Sub-Agents Oliver Wellnitz wellnitz@ibr.cs.tu-bs.de Institute of Operating Systems and Computer Networks Technical University Braunschweig, Germany Oliver Wellnitz, IBR, TU Braunschweig page

469 views • 20 slides
ilab 2 - IPSec with IKEv2 and Strongswan Lukas Grillmayer and Linus Lotz Chair for Network

ilab 2 - IPSec with IKEv2 and Strongswan Lukas Grillmayer and Linus Lotz Chair for Network

ilab 2 - IPSec with IKEv2 and Strongswan Lukas Grillmayer and Linus Lotz Chair for Network Architectures and Services Department for Computer Science Technische Universit at M unchen June 4, 2014 Lukas Grillmayer and Linus Lotz: ilab 2 -

1.39k views • 51 slides
Class of Infrastructures for Cloud Computing and Big Data M QoS basics and protocols Antonio

Class of Infrastructures for Cloud Computing and Big Data M QoS basics and protocols Antonio

University of Bologna Dipartimento di Informatica Scienza e Ingegneria (DISI) Engineering Bologna Campus Class of Infrastructures for Cloud Computing and Big Data M QoS basics and protocols Antonio Corradi Academic year 2017/2018 QoS 1

640 views • 48 slides

More recommend