  • man-in-the-middle

    Document format: PPT   Updated: 2008-04-01
    Document author: Mark Stamp
    Sniffit popular with attackers
    UNIX-based
    Sniffit has "interactive mode"
    Keeps track of individual sessions
    Can view these as separate conversations
    Sniffit Interactive Mode
    Wireshark
    Wireshark (formerly Ethereal)
    Available for many platforms
    Probably easiest sniffer to use, great UI, etc.
    Wireshark is a "protocol genius"
    Decodes every bit of packet
    "Follow TCP stream" function
    Select a TCP packet, view entire connection
    Sniffer as Scanning Tool
    Nmap, Nessus, etc., may be detected
    Active
    Sniffer is passive, so no such risk
    What can be determined by sniffing?
    May be able to ID OS (maybe even version of OS)
    E.g., based on way connections are made
    P0f2
    Tool to passively ID OS
    Available for most platforms
    To "fingerprint" OS's network stack
    Can also ID firewall, NAT, etc.
    What info does it use?
    TTL, IP ID, other
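
An added example (not from the original slides, and not p0f's own code) of what passive identification from TTL and IP ID looks like: it parses an IPv4/TCP SYN and estimates the sender's initial TTL and hop distance. The TTL-to-stack table holds coarse, commonly seen defaults assumed for illustration; the function names and sample packets are constructed.

```python
import struct

# Assumption: coarse, commonly seen initial TTL defaults (not p0f's signature database).
INITIAL_TTL_HINT = {
    64: "Linux/BSD/macOS-style stack",
    128: "Windows-style stack",
    255: "network device or older UNIX-style stack",
}

def parse_ipv4(packet: bytes) -> dict:
    """Extract the header fields a passive fingerprinter looks at."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, _len, ip_id, flags_frag, ttl, proto, _csum, src, _dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (ver_ihl & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    fields = {"src": ".".join(str(b) for b in src), "ttl": ttl,
              "ip_id": ip_id, "df": bool(flags_frag & 0x4000)}
    if proto == 6 and len(packet) >= ihl + 20:
        # TCP window size sits at byte offset 14 of the TCP header.
        fields["tcp_window"] = struct.unpack("!H", packet[ihl + 14:ihl + 16])[0]
    return fields

def guess_stack(fields: dict) -> dict:
    """Round the observed TTL up to the nearest common initial value."""
    initial = next(t for t in sorted(INITIAL_TTL_HINT) if fields["ttl"] <= t)
    return {"initial_ttl": initial, "hops": initial - fields["ttl"],
            "hint": INITIAL_TTL_HINT[initial]}

def build_sample(ttl: int, ip_id: int, window: int) -> bytes:
    """Constructed SYN (documentation addresses, checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, ip_id, 0x4000, ttl, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 0x50, 0x02, window, 0, 0)
    return ip + tcp

if __name__ == "__main__":
    for pkt in (build_sample(117, 0x1C46, 8192), build_sample(57, 0, 29200)):
        seen = parse_ipv4(pkt)
        print(seen, guess_stack(seen))
```

A single packet only narrows the guess; the IP ID and window values become more useful when compared across several packets from the same source.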
    Switch
    Recall that switch does not broadcast
    Active Sniffing
    Sniffing thru a switch
    Switch limits what you see with sniffers such as Wireshark
    May be able to "sniff" thru switch by inserting traffic
    Dsniff and Ettercap
    Dsniff
    Developed by developer of FragRouter
    Dsniff decodes lots of application-level protocols
    FTP, telnet, POP,…, Napster, pcAnywhere
