• LeonG.Schiffman > man-in-the-middle

  • man-in-the-middle

    免费下载 下载该文档 文档格式:PPT   更新时间:2008-04-01   下载次数:0   点击次数:1
    文档基本属性
    文档语言:
    文档格式:ppt
    文档作者:Mark Stamp
    关键词:
    主题:
    备注:
    点击这里显示更多文档属性
    Network Attacks
    Topics
    Sniffing
    IP address spoofing
    Session hijacking
    Netcat
    General-purpose network tool
    Sniffing
    Sniffer gathers traffic from LAN
    Can see packets in real time
    Usually, interface put in promiscuous mode
    Gathers everything, regardless of IP address
    Sniffer is useful for attacker
    And useful for administrator
    Sniffer can collect data such as …
    ID/password sent over telnet, DNS, email messages, files sent over NFS, etc.
    Sniffing
    Attacker who has access to LAN can sniff packets
    Usually requires admin/root privilege
    Typically, use sniffer to gather pwds
    Sniffing can be used in "island hopping" attack
    Next slide
    Island Hopping Attack
    Sniffers
    Freeware sniffers include
    windump --- port of tcpdump
    Snort --- sniffer/IDS
    Wireshark (formerly, Ethereal) --- able to decode lots of protocols
    Sniffit --- popular with attackers
    Dsniff --- perhaps most powerful
    Passive Sniffing Thru a Hub
    Recall that hub broadcasts everything
    Passive sniffer sees everything
    Snort
    Snort: open source, UNIX-based IDS
    Started out as a sniffer
    Still can serve as a capable sniffer
    Why does sniffer-to-IDS make sense
    Snort not often used by attackers
    Has more features than attacker needs
    Sniffit

    下一页

  • 下载地址 (推荐使用迅雷下载地址,速度快,支持断点续传)
  • 免费下载 PPT格式下载
  • 您可能感兴趣的
  • fishleong  hongleongbank  hongleong  leong  hongleongmalaysia  isabellaleong  leongwenian  hongleongbankpay+  hongleongagency