Post on 24-Jun-2015
description
Packet Sniffers
Prepared By:-
M.Ravi Teja Reddy
CSE -2
MVSR engineering college
2
Index
Introduction Types of environment Varieties of packet sniffers What is it used for Components Working Applications Disadvantages Types of softwares available
INTRODUCTION
A packet sniffer is a software application that uses a network adapter card in promiscuous mode to capture all network packets.
The feature of packet sniffers is:- Packet sniffers exploit information passed in clear text. Protocols that pass information in the clear include the following:
Telnet FTP SNMP POP
Host A Host BRouter A Router B
• 04/13/2023
Varieties of packet sniffers
• Today, sniffers exist in two broad varieties: • The first is a stand-alone product incorporated into a
portable computer • The second is part of a larger package of network-
monitoring hardware and software
• Basically Commercial packet sniffers are used to help maintain networks.
• Underground packet sniffers are used to break into computers.
04/13/2023
• Used to debug communication between a client and a server.
• Help in identifying who is communicating with whom and what data is sent and received over the network.
• Used in monitor how a network as used and
also used to monitor network users.
• Used to make network more secure - In order to come through to your network, it must pass through the packet sniffer.
04/13/2023
• Used in identify network problems before they become serious.
• This lets the packet sniffers see all data traffic on the network segment to which they're attached
• For this to happen sniffer must be located within the same network block (or net of trust) as the network it is intended to sniff, sniffer could be placed anywhere within that block
Applications:1. Analysing the band with used.
2. Determining the hackers if any are trying to access .
3. Know the ip address of different systems connected to your system
4. Analyse the traffic flowing through the network
04/13/2023
Disadvantages:-
• Configuring your network device to read all network packets that arrive which might contain trojan horses, you might also open doors to allow intruders access to your confidential data and network files.
Packet sniffer softwares available in the market are :
1. Wire shark
2. Net stumbler
3.Packet sniffer
4. Microsoft Network Monitor etc..
• 17
Wire shark :• Wire shark is the world's foremost network protocol
analyzer. • It is the de facto (and often de jure) standard across
many industries and educational institutions.
• It lets you capture the traffic and browse it on a computer network.
• Lets be specific about this software and observe the process ……….
04/13/2023
Features of Wireshark:
• Available for UNIX and Windows.
• Capture live packet data from a network interface.
• Display packets with very detailed protocol information.
• Saves captured packet data.
• Import and Export packet data from and to a lot of other capture programs.
04/13/2023
• Filter packets on many criteria.
• Search for packets on many criteria
• Colorize packet display based on filters.
• Create various statistics
04/13/2023
Wireshark does not provide:
• It will not warn you when someone does strange things on your network that he/she isn't allowed to do. But wireshark might help you figure out what is really going on.
• Wireshark will not manipulate things on the network, it will only "measure" things from it.
Now its time for us to have a glance at the sample C code of a packet sniffer
Screen shots:
25
26
References:-
www.Packet-sniffer.net
www.wireshark.org
www.Wikipedia.org
And many more…
27
Thank you!!!
Any questions?