Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State - - PowerPoint PPT Presentation

SLIDE 1

Lab 1: Packet Sniffing and Wireshark

Fengwei Zhang

Wayne State University CSC 5991 Cyber Security Practice
SLIDE 2

Packet Sniffer

  • A packet sniffer is a basic tool for observing network packet exchanges in a computer
  • It captures (“sniffs”) packets being sent from or received by your computer
  • A packet sniffer itself is passive
  • It displays the contents of the various protocol fields in these captured packets, but never sends packets itself

SLIDE 3

Packet Sniffer Structure

SLIDE 4

Packet Sniffer (cont’d)

  • Applications (web browsers, FTP clients, email clients)
  • Network protocols (Internet protocol)
  • Packet capture
    – The packet capture library receives a copy of every link-layer frame that is sent from or received by your computer
  • Packet Analyzer
    – Displaying the contents of all fields within a protocol message
    – Understanding the structure of all messages exchanged by protocols
    – IP, TCP, HTTP headers
  • Wireshark, TCPDump

SLIDE 5

TCP/IP Network Stack

  • TCP/IP is the most commonly used network model for Internet services.
  • It is named TCP/IP because its most important protocols, the Transmission Control Protocol (TCP) and the Internet Protocol (IP), were the first networking protocols defined in this standard.
  • It contains multiple layers including:
    – Application layer
    – Transport layer
    – Network layer
    – Data link layer

SLIDE 6

An Example Layered Approach

SLIDE 7

Network Layers

SLIDE 8

Application Layer

  • The application layer includes the protocols used by most applications for providing user services
  • Examples of application layer protocols are Hypertext Transfer Protocol (HTTP), Secure Shell (SSH), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP)

SLIDE 9

Transport Layer

  • The transport layer establishes process-to-process connectivity, and it provides end-to-end services that are independent of underlying user data.
  • To implement process-to-process communication, the protocol introduces the concept of a port. Examples of transport layer protocols are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
  • TCP provides flow control, connection establishment, and reliable transmission of data, while UDP is a connectionless transmission model.

SLIDE 10

Internet Layer

  • The Internet layer is responsible for sending packets across networks.
  • It has two functions: 1) host identification by using the IP addressing system (IPv4 and IPv6); and 2) packet routing from source to destination.
  • Examples of Internet layer protocols are Internet Protocol (IP), Internet Control Message Protocol (ICMP), and Address Resolution Protocol (ARP).

SLIDE 11

Link Layer

  • The link layer defines the networking methods within the scope of the local network link.
  • It is used to move the packets between two hosts on the same link. A common example of link layer protocols is Ethernet.

SLIDE 12

Data Encapsulation in Network Stack
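As an added example (not part of the original slides): a minimal Python dissector in the spirit of the packet analyzer on slide 4, peeling the headers that encapsulation stacks onto one frame. The frame bytes, addresses, ports and the function names `build_sample_frame`, `mac` and `dissect` are constructed for illustration; only Ethernet, IPv4 and TCP are decoded.

```python
import struct

def build_sample_frame():
    """Constructed sample: Ethernet / IPv4 / TCP / HTTP request (checksums left 0)."""
    http = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 2000, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(http), 1, 0,
                     64, 6, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    eth = bytes.fromhex("020000000002020000000001") + struct.pack("!H", 0x0800)
    return eth + ip + tcp + http

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def dissect(frame):
    """Peel one header per layer, outermost first; stop at the first unknown protocol."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = [{"layer": "link", "proto": "Ethernet", "src": mac(src),
               "dst": mac(dst), "ethertype": ethertype}]
    if ethertype != 0x0800:              # only IPv4 is decoded in this example
        return layers
    pkt = frame[14:]
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total, _, _, ttl, proto, _, s, d = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4           # header length is variable (IP options)
    if ver_ihl >> 4 != 4 or ihl < 20 or not (ihl <= total <= len(pkt)):
        raise ValueError("malformed IPv4 header")
    layers.append({"layer": "internet", "proto": "IPv4", "ttl": ttl, "next": proto,
                   "src": ".".join(map(str, s)), "dst": ".".join(map(str, d))})
    if proto != 6:                       # 6 = TCP; UDP/ICMP are left undecoded
        return layers
    seg = pkt[ihl:total]                 # total length trims any Ethernet padding
    if len(seg) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off, flags = struct.unpack("!HHIIBB", seg[:14])
    hdr = (off >> 4) * 4                 # data offset is variable (TCP options)
    if hdr < 20 or hdr > len(seg):
        raise ValueError("malformed TCP header")
    layers.append({"layer": "transport", "proto": "TCP", "sport": sport,
                   "dport": dport, "seq": seq, "ack": ack, "flags": flags})
    payload = seg[hdr:]
    if payload:                          # show the first line of application data
        line = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
        layers.append({"layer": "application", "bytes": len(payload), "first_line": line})
    return layers
```

Calling `dissect(build_sample_frame())` returns one dictionary per layer, in the order a capture tool lists them for a selected packet.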

SLIDE 13

Lab 0

  • Sign the CSC 5991 Cyber Security Practice Class Student Agreement
  • Make sure you can log in as a CSC 5991 student on Zero Client
    – Using your WSU access ID and password
    – Providing VM images for lab experiments

SLIDE 14

Lab 0 (cont’d)

  • Subscribe to the course mailing list: csc5991-security@lists.wayne.edu
    – List home page (web interface for subscribers to join/leave the list, post messages, view archives): http://lists.wayne.edu/cgi-bin/wa?A0=csc5991-security
  • Send an email to the list to introduce yourself by next class
  • Send a zipped test.txt file on Backboard by this week
