Sniffing Network | Ethical Hacking | TechnoGb
Sniffing, in ethical hacking, is the process of monitoring a network and all the packets passing in or out over it. SMTP, HTTP, Telnet, Rlogin and NNTP are all vulnerable to it, because the information carried by these protocols is sent as plain text, including passwords, PINs and other secret information. This data can be captured using a ‘Man in the Middle Attack’, which can be very dangerous. Sniffing can be done in legal as well as illegal ways.
There are different types of spoofing or sniffing; some of them are listed below:
The Address Resolution Protocol (ARP) resolves an IP address into a MAC address. ‘Address Resolution Protocol Spoofing’ is a type of spoofing or sniffing that abuses this resolution, which helps hackers get into a victim’s computer system or network and gather the information they want from it.
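To find where these plain-text protocols still carry logins on a network you are responsible for, the check below flags flows whose payload contains an unencrypted authentication exchange. It is an added example, not code from the original article; the flow tuples, addresses and payloads are constructed samples, and the function reports only the destination and protocol, never the secret.

```python
import re

# Authentication exchanges that travel unencrypted in each protocol.
CLEARTEXT_AUTH = [
    ("HTTP", re.compile(rb"^Authorization:\s*Basic\s+\S+", re.I | re.M)),
    ("SMTP", re.compile(rb"^AUTH\s+(PLAIN|LOGIN)\b", re.I | re.M)),
    ("NNTP", re.compile(rb"^AUTHINFO\s+PASS\s+\S+", re.I | re.M)),
    ("Telnet/Rlogin", re.compile(rb"^password:\s*$", re.I | re.M)),
]

def looks_like_tls(payload):
    """TLS records start with a content type (0x16/0x17) and major version 3."""
    return payload[:1] in (b"\x16", b"\x17") and payload[1:2] == b"\x03"

def audit_cleartext_auth(flows):
    """Return (dst_ip, dst_port, protocol) for flows exposing a login in plain text."""
    findings = []
    for dst_ip, dst_port, payload in flows:
        if looks_like_tls(payload):
            continue  # encrypted transport: nothing readable on the wire
        for protocol, pattern in CLEARTEXT_AUTH:
            if pattern.search(payload):
                findings.append((dst_ip, dst_port, protocol))
                break
    return findings

# Constructed sample flows (documentation addresses, dummy credentials).
FLOWS = [
    ("198.51.100.10", 80,
     b"GET /admin HTTP/1.1\r\nHost: intranet.example\r\n"
     b"Authorization: Basic ZGVtbzpkZW1v\r\n\r\n"),
    ("198.51.100.11", 25, b"EHLO client.example\r\nAUTH LOGIN\r\n"),
    ("198.51.100.12", 23, b"login: demo\r\nPassword: "),
    ("198.51.100.13", 443, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),
    ("198.51.100.14", 119, b"AUTHINFO USER demo\r\nAUTHINFO PASS demo\r\n"),
    ("198.51.100.15", 80, b"GET / HTTP/1.1\r\nHost: www.example\r\n\r\n"),
]

if __name__ == "__main__":
    for dst_ip, dst_port, protocol in audit_cleartext_auth(FLOWS):
        print(f"{protocol} login sent in plain text to {dst_ip}:{dst_port}")
```

Each finding is a service to move behind TLS or SSH (HTTPS, SMTP with STARTTLS, NNTP over TLS, SSH instead of Telnet and Rlogin).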
- MAC FLOODING:
In MAC flooding, a hacker floods the switch's MAC address table until the table cannot handle any more entries. The switch then starts working like a hub and broadcasts all the network traffic to all the ports present on that network, so the traffic becomes available on every port, whether it is open or closed. Attackers take advantage of this to gather all the information passing over a MAC-flooded network.
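Both techniques above leave a clear trace for a defender: an IP address suddenly claimed by a second MAC address, and a switch port that learns an abnormal number of new source MACs in a short time. The sketch below is an added example, not code from the original article; the event tuples, port names, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict

def arp_binding_conflicts(arp_replies):
    """Return {ip: [macs]} for every IP that was claimed by more than one MAC."""
    seen = defaultdict(list)
    for _ts, ip, mac in arp_replies:
        mac = mac.lower()
        if mac not in seen[ip]:
            seen[ip].append(mac)
    return {ip: macs for ip, macs in seen.items() if len(macs) > 1}

def mac_flood_ports(frames, window_s=10.0, max_new_macs=50):
    """Return ports that learned more than max_new_macs new MACs within window_s."""
    first_seen = defaultdict(dict)  # port -> {mac: earliest timestamp}
    for ts, port, mac in frames:
        mac = mac.lower()
        first_seen[port][mac] = min(ts, first_seen[port].get(mac, ts))
    flagged = []
    for port, macs in first_seen.items():
        times = sorted(macs.values())
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window_s:  # slide the window forward
                start += 1
            if end - start + 1 > max_new_macs:
                flagged.append(port)
                break
    return sorted(flagged)

# Constructed ARP replies: (timestamp_s, sender_ip, sender_mac).
ARP_REPLIES = [
    (0.0, "192.0.2.1", "00:00:5e:00:53:01"),
    (1.0, "192.0.2.20", "00:00:5e:00:53:14"),
    (5.0, "192.0.2.1", "00:00:5e:00:53:01"),
    (9.0, "192.0.2.1", "00:00:5e:00:53:66"),  # gateway IP now claimed by a second MAC
]

# Constructed frames: (timestamp_s, switch_port, source_mac).
FRAMES = [(float(i), "Gi0/1", f"00:00:5e:00:53:{i:02x}") for i in range(3)]
FRAMES += [(i * 0.01, "Gi0/7", f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}")
           for i in range(200)]  # 200 never-seen MACs within two seconds

if __name__ == "__main__":
    print("ARP conflicts:", arp_binding_conflicts(ARP_REPLIES))
    print("Flooded ports:", mac_flood_ports(FRAMES))
```

On managed switches the same two signals are enforced rather than only observed, through per-port MAC address limits (port security) and ARP inspection.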
SNIFFING task some of them are listed below:
- CAIN AND ABEL
Wireshark is the world’s best network protocol analyzer. Its main task is to capture and browse all the traffic running on a computer network, and the best part is that it is a free and open source network analysis and troubleshooting tool. Using Wireshark, an individual can scan hundreds of protocols at the same time, and it can capture and save all the packets for offline analysis. Most importantly, it runs on multiple platforms such as Linux, Windows and macOS. Wireshark also supports a GUI mode for capturing packets on any network, and its output can be exported in different formats, i.e. XML, plain text, CSV etc.
Ettercap is a sniffing tool used for the ‘Man in the Middle Attack’. Ettercap can sniff live connections and can also do content filtering on the fly. It supports active as well as passive dissection of many protocols, and it includes many other features for network analysis and network sniffing. It comes pre-installed in the Kali Linux operating system.
It has two main options:
- UNIFIED SNIFFING:
This method sniffs all the packets that pass through the cable. You can choose whether or not to put the interface in promiscuous mode (-p). Packets not directed to the host running Ettercap are automatically forwarded using layer 3 routing, so one can use a man in the middle attack launched from a different tool and let Ettercap modify the packets.
- BRIDGED SNIFFING:
This option uses two network interfaces and forwards the traffic from one to the other while sniffing. This sniffing method is totally quiet and no one can find it on the network cable; the way to look at this method is as a man in the middle attack at layer 1 of the network. The best place to download Ettercap is GitHub, i.e. https://github.com: search there for Ettercap and download it through a terminal on a Linux operating system.
CAIN AND ABEL:
Cain and Abel is a password recovery tool for the Windows operating system. It recovers different types of passwords using sniffing techniques, such as recovering wireless passwords, revealing password boxes, cracking scrambled passwords etc.
You can download it for the Windows operating system at https://www.oxid.it
Dsniff is a collection of tools for penetration testing and network auditing. Its main job is to monitor the network for sensitive information such as passwords, secret data, protected PINs, emails, and important and classified files. Arpspoof, dnsspoof and macof facilitate the interception of network traffic that is normally unavailable to a hacker or an attacker.
MAN IN THE MIDDLE ATTACK
The man in the middle attack, also known as the MITM attack, takes place on the network that connects clients to the server and vice versa. It lets an attacker or hacker access all the data that the client sends to the server as a request, as well as the information that the server sends back to the client as a response. No doubt the data sent over a network nowadays is encrypted and secured, but if an attacker can get that encrypted information or data then surely he can decrypt it also, using one of the many tools for decryption such as an MD5 decryptor etc.
This was all about sniffing in ethical hacking. If you are facing any problem with this topic (sniffing), then I strongly recommend that you first go through the articles mentioned below, in sequence, so that you can grasp the concept easily:
- Introduction to Ethical Hacking.
- Footprinting – First Step of Ethical Hacking.
- Reconnaissance – Information Gathering – Second Step of Ethical Hacking.
- Enumeration – Third Step of Ethical Hacking.
If you still face any difficulties after reading all these topics, then please mention them in the Discussion Box below; I will answer all your questions.