Submitted By larryjoejohn
Words 451
Pages 2
Using Wireshark to Capture and Filter TCP/IP Data
Darin Swan
CSEC 640
University of Maryland University College

I chose to capture my Internet communication session using the pulldown menu “Capture” (the fifth menu item). To start capturing live data, you merely pull down “Capture” and select “Start” from this menu (you can also use the keyboard shortcut Ctrl-E). Once I started the capture function, I merely perused the Internet through my web browser, tried watching a few videos, downloaded content, and tried to generate as many transactions as I could in a short period of time. After I completed my data capture, I entered the keyboard shortcut Ctrl-E to stop capturing, went to the File menu (the first menu item), and selected “Save As” to save my data for later processing. This generated a file with the unique file extension “.pcapng”.
After saving the data, I then began to review the information within the GUI, noting that there were 31,137 packets represented as lines within the data file; quite a few transactions for just a short period of time. Next I noted the various times, sources, destinations, protocols, lengths and info attributable to each transaction; these columns can all be used to manually sort data within the default “Packet List” pane. Packets are color-coded; the default color settings can be viewed and custom color settings defined from the main menu pulldown “View” (the third menu item) by selecting “Coloring Rules…” (Lamping, Sharpe, and Warnicke, 2012, 6.4). Further details can be gathered by highlighting a packet and examining the “Packet Details” pane and the “Packet Bytes” pane. The Packet Bytes pane shows the hexdump and ASCII rendering of the packet, and Wireshark adds a “Packet Reassembling” tab here when the data of the particular transaction can be reassembled (Lamping, Sharpe, and Warnicke, 2012, 3.20).
To process the data per the assignment, I used the Display Filter in Wireshark, which is accessible in the graphical user interface (GUI) from the pulldown menu underneath “Analyze” (the sixth menu item). Simply sorting the data manually through the “Packet List” pane does not provide the detailed information that an IT professional, such as a computer forensic scientist, would need to gather any intelligence. Once I opened the “pcapng” file, I accessed the Display Filters, essentially the GUI for Boolean filtering of data by protocol, IP address, et cetera. Expressions can be built within the GUI or typed manually in the “Filter” dialog box using English operators such as eq for equal, ne for not equal, and lt for less than. Furthermore, the C-like equivalents can be used as well, such as “==” for equal, “!=” for not equal, and “
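To make the operator equivalence concrete, here is an added example (not from the essay, and not Wireshark's own filter engine) that evaluates display-filter expressions in both the English (eq, ne, lt, and, or, not) and C-like (==, !=, <, &&, ||, !) spellings against a small, constructed set of packet rows whose field names mirror Wireshark's (ip.src, tcp.dstport, frame.len); the evaluator also reproduces Wireshark's rule that a comparison on a field the packet lacks never matches.

```python
import re, operator

# English operator keywords and their C-like equivalents, as the essay describes.
ALIASES = {"eq": "==", "ne": "!=", "lt": "<", "gt": ">", "le": "<=", "ge": ">=",
           "and": "&&", "or": "||", "not": "!"}
COMPARE = {"==": operator.eq, "!=": operator.ne, "<": operator.lt,
           ">": operator.gt, "<=": operator.le, ">=": operator.ge}
# Two-character symbols are listed before their one-character prefixes.
TOKEN = re.compile(r"\s*(\(|\)|&&|\|\||==|!=|<=|>=|<|>|!|[A-Za-z_][\w.]*|[\d.]+)")

def tokenize(expr):
    """Split a filter into tokens, normalising eq/ne/lt/... to ==/!=/<."""
    pos, tokens, end = 0, [], len(expr.rstrip())
    while pos < end:
        m = TOKEN.match(expr, pos)
        if not m:
            raise ValueError(f"bad filter near {expr[pos:]!r}")
        tokens.append(ALIASES.get(m.group(1), m.group(1)))
        pos = m.end()
    return tokens

def matches(expr, pkt):
    """True if packet dict `pkt` passes display filter `expr` (recursive descent)."""
    toks = tokenize(expr) + [None]       # None marks end of input
    i = 0
    def take():
        nonlocal i
        i += 1
        return toks[i - 1]
    def parse_or():                      # lowest precedence: a || b
        v = parse_and()
        while toks[i] == "||":
            take()
            v = parse_and() or v
        return v
    def parse_and():                     # a && b
        v = parse_atom()
        while toks[i] == "&&":
            take()
            v = parse_atom() and v
        return v
    def parse_atom():                    # !a | ( expr ) | field op value | field
        if toks[i] == "!":
            take()
            return not parse_atom()
        if toks[i] == "(":
            take()
            v = parse_or()
            if take() != ")":
                raise ValueError("missing ')'")
            return v
        field = take()
        if toks[i] not in COMPARE:       # bare protocol/field test, e.g. "udp"
            return field in pkt
        op, val, left = take(), take(), pkt.get(field)
        if left is None:                 # a field the packet lacks never matches
            return False
        return COMPARE[op](left, int(val) if isinstance(left, int) else val)
    result = parse_or()
    if toks[i] is not None:
        raise ValueError(f"unexpected token {toks[i]!r}")
    return result

def row(num, length, src, dst, proto, sport, dport):  # constructed Packet List row (not real traffic)
    return {"frame.number": num, "frame.len": length, "ip.src": src, "ip.dst": dst,
            proto: True, proto + ".srcport": sport, proto + ".dstport": dport}

PACKETS = [row(1, 74, "192.168.1.10", "93.184.216.34", "tcp", 51234, 443),
           row(2, 1514, "93.184.216.34", "192.168.1.10", "tcp", 443, 51234),
           row(3, 86, "192.168.1.10", "192.168.1.1", "udp", 55555, 53),
           row(4, 60, "192.168.1.10", "93.184.216.34", "tcp", 51234, 443)]

def apply_filter(expr, packets=PACKETS):
    """Frame numbers surviving `expr`, like the filtered Packet List pane."""
    return [p["frame.number"] for p in packets if matches(expr, p)]
```

Running `apply_filter("ip.src eq 192.168.1.10 and tcp.dstport == 443")` and `apply_filter("ip.src == 192.168.1.10 && tcp.dstport eq 443")` returns the same rows, which is the point of the English/C-like equivalence.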
