![]() This can be done by placing the MAC address of your gateway and other important machines in the /etc/ethers file. To prevent this from happening, we can add the MAC address of the gateway permanently to our ARP cache. The machine that the malicious user will most probably try to arp-spoof is the gateway. If we are on a switched network, the chance is that arp spoofing will be used for sniffing purpose. While this won’t prevent a sniffer from functioning it will ensure that what a sniffer reads are pure junk The best way to secure our self against sniffing is to use encryption. When installed on a computer, a sniffer does generate some small amount of traffic. But it is slightly easier when the sniffer is functioning on a Switched Ethernet network segment. Hence it becomes extremely difficult to detect sniffers, especially when running on a shared Ethernet. Detecting Sniffers:Ī sniffer is usually passive, it just collects data. Warning: This method might lead to degeneration of the network service and should not be run for a long interval of time. Though a switch is more secure than hub, the following methods can still be used to sniff on a switch: This results in better utilization of the available bandwidth and improved security. The switch is an intelligent device that sends packets to the destined computer only and does not broadcast it to all the machines on the network, as in the previous case. The switch maintains a table keeping track of each computer’s MAC address and the physical port on the switch to which that MAC address is connected and delivers packets destined for a particular machine correspondingly. Switched Ethernet: An ethernet environment in which the hosts are connected to switch instead of a hub is called a switched Ethernet.In such an environment packets meant for one machine are received by all the other machines. Shared Ethernet: In a shared Ethernet environment all hosts are connected to the same bus compete with one another for bandwidth.There are 2 basic types of Ethernet environment and how sniffers work in both these cases is slightly different. By user-friendly, we mean the Network Administrator should be able to make sense of it. Subsequently, the captured data packet is analyzed by the packet sniffing software and presented to the network manager/technician in a user-friendly format. ![]() When a packet sniffer is installed in the network, the sniffer intercepts the network traffic and captures the raw data packets. These packets are reassembled once all the data packets reach their intended destination. In packet-switched networks, the data to be transmitted is broken down into several packets. ![]() Sniffers basically are “Data Interception” technology. A sniffer is a program or a device that eavesdrops on the network traffic by grabbing information traveling over a network. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |