Hacking Firewalls/ Networks/ Attackin' Remote Computers....
IP Spoofing and Sniffing::
Sniffing and spoofing are security threats that target the
lower layers of the networking infrastructure supporting
applications that use the Internet. Users do not interact
directly with these lower layers and are typically
completely unaware that they exist. Without a deliberate
consideration of these threats, it is impossible to
build effective security into the higher levels.
Sniffing is a passive security attack in which a machine
separate from the intended destination reads data on a
network. The term “sniffing” comes from the notion of
“sniffing the ether” in an Ethernet network and is a
bad pun on the two meanings of the word “ether.”
Passive security attacks are those that do not alter the
normal flow of data on a communication link or inject
data into the link..
Spoofing
..is an active security attack in which one machine on the network masquerades as a
different machine. As an active attack, it disrupts the normal flow of data and may involve
injecting data into the communications link between other machines. This masquerade aims to
fool other machines on the network into accepting the impostor as an original, either to lure
the other machines into sending it data or to allow it to alter data. The meaning of “spoof”
here is not “a lighthearted parody,” but rather “a deception intended to trick one into accepting
as genuine something that is actually false.” Such deception can have grave consequences
because notions of trust are central to many networking systems. Sniffing may seem innocuous
(depending on just how sensitive and confidential you consider the information on your
network), some network security attacks use sniffing as a prelude to spoofing. Sniffing gathers
sufficient information to make the deception believable.
Sniffing
..Sniffing is the use of a network interface to receive data not intended for the machine in which
the interface resides. A variety of types of machines need to have this capability. A token-ring
bridge, for example, typically has two network interfaces that normally receive all packets
traveling on the media on one interface and retransmit some, but not all, of these packets on
the other interface. Another example of a device that incorporates sniffing is one typically
marketed as a “network analyzer.” A network analyzer helps network administrators diagnose a
variety of obscure problems that may not be visible on any one particular host. These problems
can involve unusual interactions between more than just one or two machines and sometimes
involve a variety of protocols interacting in strange ways.
Devices that incorporate sniffing are useful and necessary. However, their very existence
implies that a malicious person could use such a device or modify an existing machine to snoop
on network traffic. Sniffing programs could be used to gather passwords, read inter-machine
e-mail, and examine client-server database records in transit. Besides these high-level data, lowlevel information might be used to mount an active attack on data in another computer
system.
Sniffing: How It Threatens Security
Sniffing data from the network leads to loss of privacy of several kinds of information that
should be private for a computer network to be secure. These kinds of information include the
following:
>> Passwords
>> Financial account numbers
>> Private data
>> Low-level protocol information
Sniffing: How It Is Done
In a shared media network, such as Ethernet, all network interfaces on a network segment have
access to all of the data that travels on the media. Each network interface has a hardware-layer
address that should differ from all hardware-layer addresses of all other network interfaces on
the network. Each network also has at least one broadcast address that corresponds not to an
individual network interface, but to the set of all network interfaces. Normally, a network
interface will only respond to a data frame carrying either its own hardware-layer address in
the frame’s destination field or the “broadcast address” in the destination field. It responds to
these frames by generating a hardware interrupt to the CPU. This interrupt gets the attention
of the operating system, and passes the data in the frame to the operating system for further
processing.
lol... dis 1 just for layman......
d Complete Tutorial Here:
http://rapidshare.com/files/92248455/Hacking_-_Firewalls_And_
Networks_How_To_Hack_Into_Remote_Computers.pdf
njOy!!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment