Packet Sniffers: Development and deployment scenarios

Abstract

This presentation is about the development of packet sniffers and their deployment for various applications and scenarios.
Packet Sniffers: Development and Deployment Scenarios
Muhammad Farooq-i-Azam
Network
A collection of computers communicating with each other is said to form a computer network.
Examples are:
Ethernet
Token Ring
Dial up
Network Traffic
Computers communicate with each other by sending and receiving information in tiny bundles of electronic signals called packets.
The flow of different packets to and from different computers over the network is said to constitute network traffic.
Packet Types and Structure
Data Packets e.g. HTTP packets
Control Packets e.g. ARP packets
Not all packets are visible to the end user.
Not all contents of the packets are seen by the end user.
Ethernet
Ethernet using hubs defines a single broadcast domain.
Ethernet employing switched hubs defines multiple broadcast domains.
Promiscuous mode
Packet Sniffer
A piece of software that captures all the traffic flowing in and out of a computer.
Non-promiscuous mode sniffing
Promiscuous mode sniffing for non-switched and switched Ethernet LAN
Common Packet Sniffer Tools
tcpdump
ethereal
ipgrab
Collaboration with ipgrab project
Test Run
Applications And Deployment
Intrusion detection
Build traffic patterns
Protocol debugging
Session logging - Replay and redirection
Clear text usernames, passwords, email
Network discovery
Remote information gathering
Development
Kernel interface
libpcap and winpcap
Determine the interface
Open the interface
Capture and process packets
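
The "process packets" step, as an added example that is not from the presentation or from any of the tools it names: the function classifies one captured Ethernet II frame as a control packet (ARP) or a TCP data packet, checking every length before it reads. With libpcap, `pcap_findalldevs`, `pcap_open_live` and `pcap_loop` cover the earlier steps and hand such buffers to a callback; here the frames are constructed sample bytes and all names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names throughout; the frames below are constructed samples. */
enum pkt_kind { PKT_TRUNCATED, PKT_ARP, PKT_IPV4_TCP, PKT_IPV4_OTHER, PKT_OTHER };

/* Read a big-endian 16-bit field without assuming alignment. */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Classify one Ethernet II frame of caplen captured bytes. For PKT_IPV4_TCP
 * the ports are written to *sport and *dport. Each length is checked before
 * the read, since the snapshot length can cut a captured frame short. */
enum pkt_kind classify_frame(const uint8_t *f, size_t caplen,
                             uint16_t *sport, uint16_t *dport)
{
    if (caplen < 14) return PKT_TRUNCATED;        /* dst MAC, src MAC, EtherType */
    uint16_t ethertype = be16(f + 12);
    if (ethertype == 0x0806) return PKT_ARP;      /* control packet */
    if (ethertype != 0x0800) return PKT_OTHER;    /* not IPv4 */
    const uint8_t *ip = f + 14;
    size_t left = caplen - 14;
    if (left < 20) return PKT_TRUNCATED;          /* minimum IPv4 header */
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;      /* header length in bytes */
    if ((ip[0] >> 4) != 4 || ihl < 20) return PKT_OTHER;
    if (ip[9] != 6) return PKT_IPV4_OTHER;        /* protocol 6 is TCP */
    if (left < ihl + 4) return PKT_TRUNCATED;     /* need both TCP ports */
    *sport = be16(ip + ihl);
    *dport = be16(ip + ihl + 2);
    return PKT_IPV4_TCP;
}

/* Constructed ARP request header (broadcast destination). */
static const uint8_t SAMPLE_ARP[] = {
    0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0,0,0,0,0x01, 0x08,0x06,
    0x00,0x01, 0x08,0x00, 0x06, 0x04, 0x00,0x01 };
/* Constructed IPv4/TCP frame, 192.0.2.1:49152 -> 192.0.2.2:80 (checksum unset). */
static const uint8_t SAMPLE_TCP[] = {
    0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01, 0x08,0x00,
    0x45,0x00,0x00,0x28, 0,0,0x40,0x00, 0x40,0x06,0,0, 192,0,2,1, 192,0,2,2,
    0xc0,0x00, 0x00,0x50 };
int main(void)
{
    uint16_t s = 0, d = 0;
    printf("arp frame -> %d\n", classify_frame(SAMPLE_ARP, sizeof SAMPLE_ARP, &s, &d));
    printf("tcp frame -> %d ", classify_frame(SAMPLE_TCP, sizeof SAMPLE_TCP, &s, &d));
    printf("(ports %u -> %u)\n", (unsigned)s, (unsigned)d);
    return 0;
}
```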