Ethical Experts
Ethical Experts

A Community Dedicated to Helping and Learning . Here You Will Get Hacking Tutorials and Monetizing Methods . We Hope You Have a Pleasant Stay
 
HomeHome  SearchSearch  FAQFAQ  RegisterRegister  Log in  
Still Currently working on the forum design, until I find a perfect design that can sit there for the whole life :p .. Please Bare with us if you see the design change while / after you refresh a page or return ! Sorry for the Inconvenience ~!
Search
 
 

Display results as :
 
Rechercher Advanced Search
Latest topics
» Hack Pack : Largest Hacking Tools Collection
Tue Apr 28, 2015 9:35 am by THE-OUTSIDER

» Hi everyone!
Fri Nov 07, 2014 11:24 pm by zekrum

» Hacking Email ID's
Thu Sep 25, 2014 7:22 pm by NAVEEN KUMAR . S

» entering in a computer binary
Sat Sep 20, 2014 1:29 pm by erosh23

» hi hackers
Sat Sep 20, 2014 1:26 pm by erosh23

» Introduce Yourself !
Sat Sep 20, 2014 1:23 pm by erosh23

» Hello guys
Wed Jul 30, 2014 10:52 pm by RZero67

» need botnet like zues Betabot or any good botnet files please admin help me
Fri Jul 25, 2014 9:44 pm by sire_roktiv

» Extension Spoofer v0.1 [Beta Release]
Fri Jul 11, 2014 9:33 am by The Joker

Most Viewed Topics
Hack Pack : Largest Hacking Tools Collection
HACK WIFI PASSWORD USING CMD WHEN YOU ARE CONNECTED WITH WIFI
Hack Your BroadBand !! RISK FREE !!
How to Hack the Windows Admin Password Using OphCrack in Backtrack tutorial
Hacking With Keyloggers Prorat
How to Get Unlimited time in an Internet Cafe ... :D
Cracking a WPA/WPA-2 Password.. ;)
How to Hack Websites & Servers - Tutorial
Backtrack and Facebook
Credit Card Generating Sequence
Keywords
netcat
Facebook Like
Similar topics

Share | 
 

 Packet Sniffing :- Part 2 | Countermeasures

View previous topic View next topic Go down 
AuthorMessage
The Joker
Admin
Admin
avatar

Posts : 182
Join date : 2012-06-11
Age : 26

PostSubject: Packet Sniffing :- Part 2 | Countermeasures    Fri Sep 28, 2012 6:26 am

As told earlier a hub network is more prone to sniffing so its better to use switch instead of hub. Switch will not only reduce chances of sniffing but will also increase performance of network. But switch merely can't act as countermeasure against Packet Sniffing . As You KNow If the Hacker uses ARP Poisoning he/she can easily sniff packets from switched network. So a switch can never be a complete solution to packet sniffing. Countermeasure against sniffing also depends upon size of network I.e is your network small as 20-50 computers or its large as 1000-2000 computers or more

We can say that a network with 20-50 computers is relatively small as compared to network with more than 1000 and 2000 computers. In small networks adding a static IP address and static ARP can help prevent ARP Poisoning By doing so a computer with specific MAC address will always get same IP address in spite of how many times it reboots or restarts. This will prevent ARP poisoning in switched network in small scale network.
In windows you can you can create static ARP entry by typing following commands,

C:\>arp -s IP_address MAC_address

Example:
C:\>arp -s 198.145.40.28 00-aa-00-bb-00-cc

Above command will give same IP address 198.145.40.28 to computer with MAC ID 00-aa-00-bb-00-cc no matter how many times it reboots or restarts, its IP address will not change. In Linux and UNIX systems adding entries will differ from system to system, type man arp or info arp to get more information on how to configure ARP table on your version of UNIX or UNIX like system.

There are several tools available to make your job easy to enter details in ARP table Google for more information for your version and platform of system.

Now no matter how simplified tool you use for adding ARP table entries, on large network it will surely be a fool's job also it will not guarantee anti-sniffing. So for large networks enable the network feature known as “Port Security” this feature allows only one MAC address for each physical port. Thus only one MAC address will be permitted to each machine this will disallow attacker to use ARP based man-in-the-middle attack I.e ARP poisoning.

Now reality is that Port security can disallow sniffing from internal network but what if attacker is someone who is using hardware protocol analyzer for sniffing. There's no way any of above techniques can stop him from sniffing from a network. Final word of day against sniffing is encryption, though it'll not disallow sniffing completely but the sniffed data will be in encrypted form which will disallow disclosure of information. Again no matter how big your network is you must use static ARP table in area where sensitive information flows from network.

Companies and organization should warn their employees and members not to use services which specially needs authentication or use tunneled connection with IPSec protocol enabled when they want to perform some authentication based communication. Lastly a system or network administrator should regularly scan network with sniffer detection tools like ARP Watch, Promiscan, Anti-Sniff, Prodetect, Kitti Litter etc the list is big, you can find find numerous tools paid and open source depending on your platform of operation.

In short,
  • Use switch instead of hub
    Maintain static ARP table for sensitive regions
    Use Encryption like SSH over communication
    Educate Employees
    Use Sniffing Detection Tools

___________________________________________________
Do NOT PM me until you are DONATING or Your Upgrade  hasn't been completed even after you have purchased it .
If is one of the above, you can either choose to PM or mail me ..
Back to top Go down
View user profile http://teamiha.tumblr.com
 
Packet Sniffing :- Part 2 | Countermeasures
View previous topic View next topic Back to top 
Page 1 of 1
 Similar topics
-
» I know the volcano story is becoming part of history.
» Movie Hmoob : Vaj Tuam Thawj Part 1.1
» THE STORY OF THE STAR-CROSSED LOVERS...(REVIVED)
» Hi everyone!
» Feature: Top 6 Best Super Mario Galaxy Series Galaxies Part 2!

Permissions in this forum:You cannot reply to topics in this forum
Ethical Experts :: Hacking Section :: Hacking Tutorials-
Jump to: