Ethical Hacking and Countermeasures
Version 6
Module X
Sniffers
Scenario
Jamal is an electrician who fixes electrical and network cables. He was called in for a regular
inspection at the premises of XInsurance Inc.
Jamal was surprised at his findings during a
routine check of the AC ducts in the enterprise.
The LAN wires were laid through the ducts.
He was tempted to find the information flowing
through the LAN wires.
What can Jamal do to sabotage the network?
What information can he obtain and how
sensitive is the information that he would
obtain?
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Module Objective
This module will familiarize you with:
• Sniffing
• Protocols vulnerable to sniffing
• Types of sniffing
• ARP and ARP spoofing attack
• Tools for ARP spoofing
• MAC flooding
• Tools for MAC flooding
• Sniffing tools
• Types of DNS poisoning
• Raw sniffing tools
• Detecting sniffing
• Countermeasures
Module Flow
• Sniffing Definition
• Protocols Vulnerable to Sniffing
• Types of Sniffing
• ARP and ARP Spoofing Attack
• Tools for ARP Spoofing
• MAC Flooding
• Tools for MAC Flooding
• Sniffer Hacking Tools
• Types of DNS Poisoning
• Raw Sniffing Tools
• Detecting Sniffing
• Countermeasures
Definition: Sniffing
Sniffing is a data interception technology.
A sniffer is a program or device that captures
vital information from the network traffic
specific to a particular network.
The objective of sniffing is to steal:
• Passwords (from email, the web, SMB, FTP,
SQL, or Telnet)
• Email text
• Files in transfer (email files, FTP files, or
SMB)
Protocols Vulnerable to Sniffing
Protocols that are susceptible to
sniffers include:
• Telnet and Rlogi