
One day National Level Workshop on

Privacy and Data Security in Online Social Media

SECURITY TOOLS
ADRI JOVIN J J
ASSISTANT PROFESSOR (SR. GR.)
DEPARTMENT OF INFORMATION TECHNOLOGY
SRI RAMAKRISHNA INSTITUTE OF TECHNOLOGY

8/22/18 SECURITY TOOLS 1


Packet Sniffing
• Wired Networks – Ethernet Frames
• Wireless Networks – 802.11 Frames
• Every single bit going in and out of the network is analysed
• Provides better insight into the network traffic
• Gather and report network statistics
• Verify adds, moves and changes
• Monitor effectiveness of firewalls, ACLs etc.
• Monitor Bandwidth utilization
• Spy on the network
Packet Sniffing
• Tool: Wireshark
  • World’s foremost and most widely used network protocol analyser
  • https://www.wireshark.org/
  • Started by Gerald Combs in 1998; development still continues with the help of a number of volunteers



Promiscuous Mode vs Monitor Mode
• Promiscuous Mode
  • Mode for wired and wireless NICs that causes the NIC to pass all the traffic it receives to the system
  • In Wi-Fi networks encrypted with WPA2, no packets will be captured
  • In Wi-Fi networks without encryption, it works similarly to wired networks

• Monitor Mode
  • Allows a device with a wireless NIC to monitor all the traffic received from the wireless network
  • Applies only to wireless networks
Sniffing on Windows
• WinPcap
  • Allows applications to capture and transmit network packets, bypassing the protocol stack
  • Cannot be used in monitor mode



Demo
• https://www.youtube.com/watch?v=liOpJSZrig0

• https://www.youtube.com/watch?v=Y_Tqz8Ai09I

• https://www.youtube.com/watch?v=oArsNrnQ5vw

• https://www.youtube.com/watch?v=BtPsXKj06ik

• https://www.youtube.com/watch?v=iUXIGJ9-rAE
Resources
• https://www.wireshark.org/#learnWS

• https://www.wireshark.org/docs/

• https://wiki.wireshark.org/SampleCaptures



Port Scanning
• Method to find what programs or services are running in the system

• Involves sending packets to the destination machine to identify the state of the port

• 3 states
  • Open
  • Closed
  • Filtered



Port Scanning
• Tool: Nmap or Network Mapper
  • Can identify the Operating System
  • Find available hosts on a network

• Is Port Scanning Legal?
  • No conclusive answer…
  • An attack following your port scan may land you in trouble…



Port Scanning
• SYN Scan
  • Closed ports respond with a RST (which closes any connection or attempt to connect)
  • Open ports respond with a TCP segment that has the SYN and ACK flags set
  • Nmap sends RST instead of ACK

• Connect Scan
  • Uses a normal TCP connection
  • The scanning device responds with ACK here…



Port Scanning
• FIN Scan
  • A FIN with no open connection represents a situation that should never occur
  • Root access is a must
  • The FIN flag normally closes a TCP connection gracefully

• Xmas Scan
  • Sets bits in the flag section in an alternating pattern of ones and zeros

• NULL Scan
  • No flags
Port Scanning
• ACK Scan
  • Find whether a port is filtered or unfiltered
  • Used to find firewall filtering

• UDP Scan
  • Probes for DNS and DHCP services
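
A detection-side view of the TCP scan types on the preceding slides, as an added example that is not part of the original deck: it labels each flow by the flag pattern the slides describe and reports sources that touched many distinct ports. The record format (source IP, destination port, flag byte of client-to-server segments), the label names and the `min_ports` threshold are assumptions made for illustration; the Xmas pattern used is FIN+PSH+URG, the combination Nmap's Xmas scan sets.

```python
from collections import defaultdict

# TCP header flag bits
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def classify_flow(flag_seq):
    """Label one (source, destination port) flow from the client's flag bytes, in arrival order."""
    first = flag_seq[0] & 0x3F
    if first == 0:
        return "null"                      # no flags set
    if first == FIN:
        return "fin"                       # FIN with no connection to close
    if first == FIN | PSH | URG:
        return "xmas"                      # flag combination Nmap's Xmas scan sends
    if first == ACK:
        return "ack"                       # ACK outside any connection
    if first == SYN:
        follow = flag_seq[1] & 0x3F if len(flag_seq) > 1 else None
        if follow == ACK:
            return "connect"               # handshake completed
        if follow is not None and follow & RST:
            return "syn-half-open"         # RST sent instead of the final ACK
        return "syn-only"                  # nothing followed the SYN
    return "other"

def detect_scanners(packets, min_ports=5):
    """Return {source: {label: sorted ports}} for sources that touched >= min_ports distinct ports."""
    flows = defaultdict(list)
    for src, dport, flags in packets:
        flows[(src, dport)].append(flags)
    per_src = defaultdict(lambda: defaultdict(set))
    for (src, dport), seq in flows.items():
        per_src[src][classify_flow(seq)].add(dport)
    report = {}
    for src, labels in per_src.items():
        if len(set().union(*labels.values())) >= min_ports:
            report[src] = {label: sorted(ports) for label, ports in labels.items()}
    return report

# Constructed sample records: (source IP, destination port, TCP flag byte)
SAMPLE = (
    [("192.0.2.10", p, SYN) for p in (21, 22, 23, 25, 80, 443)]
    + [("192.0.2.10", 22, RST), ("192.0.2.10", 80, RST)]        # ports that answered SYN/ACK
    + [("192.0.2.20", p, FIN | PSH | URG) for p in range(1, 6)]
    + [("198.51.100.5", 443, SYN), ("198.51.100.5", 443, ACK)]  # ordinary client
)

if __name__ == "__main__":
    for src, labels in detect_scanners(SAMPLE).items():
        print(src, labels)
```

The ordinary client is not reported because it touched a single port; the threshold would need tuning against real traffic.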



Demo
• https://www.youtube.com/watch?v=495BwgsX7aw

• https://www.youtube.com/watch?v=P11Eq_VgVl0

• https://www.youtube.com/watch?v=GM1vTL_t2Jc

• https://www.youtube.com/watch?v=-q12dciS5PM

• https://www.youtube.com/watch?v=A8IW4Blr3nI
Resources
• https://nmap.org/book/legal-issues.html

• https://nmap.org/book/man-port-scanning-basics.html

• https://nmap.org/book/man-os-detection.html

• https://nmap.org/book/man-bypass-firewalls-ids.html



Thank you!
