Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for...
Transcript of Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for...
![Page 1: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/1.jpg)
Lab1:PacketSniffingandWireshark
FengweiZhang
WayneStateUniversity Course:CyberSecurityPractice 1
![Page 2: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/2.jpg)
PacketSniffer• Packetsnifferisabasictoolforobservingnetworkpacketexchangesinacomputer
• Capturing(“sniffs”)packetsbeingsent/receivedfrom/byyourcomputer
• Apacketsnifferitselfispassive
• Displayingthecontentsofthevariousprotocolfieldsinthesecapturedpackets,butneversendingpacketsitself
WayneStateUniversity Course:CyberSecurityPractice 2
![Page 3: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/3.jpg)
PacketSnifferStructure
WayneStateUniversity Course:CyberSecurityPractice 3
![Page 4: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/4.jpg)
PacketSniffer(cont’d)• Applications(webbrowsers,FTPclients,emailclients)
• Networkprotocols(Internetprotocol)
• Packetcapture– Thepacketcapturelibraryreceivesacopyofeverylink-layerframe
thatissentfromorreceivedbyyourcomputer
• PacketAnalyzer– Displayingthecontentsofallfieldswithinaprotocolmessage– Understandingthestructureofallmessagesexchangedbyprotocols– IP,TCP,HTTPheaders
• Wireshark,TCPDump
WayneStateUniversity Course:CyberSecurityPractice 4
![Page 5: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/5.jpg)
TCP/IPNetworkStack• TCP/IPisthemostcommonlyusednetworkmodelfor
Internetservices.
• Becauseitsmostimportantprotocols,theTransmissionControlProtocol(TCP)andtheInternetProtocol(IP)werethefirstnetworkingprotocolsdefinedinthisstandard,itisnamedasTCP/IP.
• Itcontainsmultiplelayersincluding:– Applicationlayer– Transportlayer– Networklayer– Datalinklayer
WayneStateUniversity Course:CyberSecurityPractice 5
![Page 6: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/6.jpg)
AnExampleLayeredApproach
WayneStateUniversity Course:CyberSecurityPractice 6
![Page 7: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/7.jpg)
NetworkLayers
WayneStateUniversity Course:CyberSecurityPractice 7
![Page 8: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/8.jpg)
ApplicationLayer
• Theapplicationlayerincludestheprotocolsusedbymostapplicationsforprovidinguserservices
• ExamplesofapplicationlayerprotocolsareHypertextTransferProtocol(HTTP),SecureShell(SSH),FileTransferProtocol(FTP),andSimpleMailTransferProtocol(SMTP)
WayneStateUniversity Course:CyberSecurityPractice 8
![Page 9: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/9.jpg)
TransportLayer• Thetransportlayerestablishesprocess-to-process
connectivity,anditprovidesend-to-endservicesthatareindependentofunderlyinguserdata.
• Toimplementtheprocess-to-processcommunication,theprotocolintroducesaconceptofport.TheexamplesoftransportlayerprotocolsareTransportControlProtocol(TCP)andUserDatagramProtocol(UDP).
• TheTCPprovidesflowcontrol,connectionestablishment,andreliabletransmissionofdata,whiletheUDPisaconnectionlesstransmissionmodel.
WayneStateUniversity Course:CyberSecurityPractice 9
![Page 10: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/10.jpg)
InternetLayer• TheInternetlayerisresponsibleforsendingpacketstoacrossnetworks.
• Ithastwofunctions:1)HostidentificationbyusingIPaddressingsystem(IPv4andIPv6);and2)packetsroutingfromsourcetodestination.
• TheexamplesofInternetlayerprotocolsareInternetProtocol(IP),InternetControlMessageProtocol(ICMP),andAddressResolutionProtocol(ARP).
WayneStateUniversity Course:CyberSecurityPractice 10
![Page 11: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/11.jpg)
LinkLayer
• Thelinklayerdefinesthenetworkingmethodswithinthescopeofthelocalnetworklink.
• Itisusedtomovethepacketsbetweentwohostsonthesamelink.AncommonexampleoflinklayerprotocolsisEthernet.
WayneStateUniversity Course:CyberSecurityPractice 11
![Page 12: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/12.jpg)
DataEncapsulationinNetworkStack
WayneStateUniversity Course:CyberSecurityPractice 12
![Page 13: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/13.jpg)
Lab0
• MakesureyoucanloginasCSC4992studentonZeroClient– UsingyourWSUaccessIDandpassword– ProvidingVMimagesforlabexperiments
WayneStateUniversity Course:CyberSecurityPractice 13
![Page 14: Lab 1: Packet Sniffing and Wireshark€¦ · · 2018-01-15• Packet sniffer is a basic tool for observing network packet exchanges in a computer • Capturing ... Shell (SSH),](https://reader031.fdocuments.us/reader031/viewer/2022022518/5b0d51937f8b9af65e8d71d4/html5/thumbnails/14.jpg)
Lab0(cont’d)• Subscribecoursemailing-list– [email protected]– ListHomepage(webinterfaceforsubscriberstojoin/leavelist,postmessages,viewarchives):http://lists.wayne.edu
• Sendanemailtothelisttointroduceyourselfbynextclass
• Sendazippedtest.txtfileonBackboardbythisweek
WayneStateUniversity Course:CyberSecurityPractice 14