
One day National Level Workshop on

Privacy and Data Security in Online Social Media

SECURITY TOOLS
ADRI JOVIN J J
ASSISTANT PROFESSOR (SR. GR.)
DEPARTMENT OF INFORMATION TECHNOLOGY
SRI RAMAKRISHNA INSTITUTE OF TECHNOLOGY

8/22/18 SECURITY TOOLS 1


Packet Sniffing
• Wired Networks – Ethernet Frames
• Wireless Networks – 802.11 Frames
• Every single bit going in and out of the network is analysed
• Provide better insight of the network traffic
• Gather and report network statistics
• Verify adds, moves and changes
• Monitor effectiveness of firewalls, ACLs etc.
• Monitor bandwidth utilization
• Spy on the network

Packet Sniffing
• Tool: Wireshark
  • World’s foremost and widely used network protocol analyser
  • https://www.wireshark.org/
  • Started by Gerald Combs in 1998 and the development is still continuing with the help of a number of volunteers



Promiscuous Mode vs Monitor Mode
• Promiscuous Mode
  • Mode for wired and wireless NICs that causes the NIC to pass all the traffic it receives to the system
  • In Wi-Fi networks encrypted with WPA2, no packets will be captured
  • In Wi-Fi networks without encryption, it works similarly to wired networks

• Monitor Mode
  • Allows a device with a wireless NIC to monitor all the traffic received from the wireless network
  • Applies only to wireless networks

Sniffing on Windows
• WinPcap
  • Allows applications to capture and transmit network packets bypassing the protocol stack
  • Cannot be used in monitor mode



Demo
• https://www.youtube.com/watch?v=liOpJSZrig0

• https://www.youtube.com/watch?v=Y_Tqz8Ai09I

• https://www.youtube.com/watch?v=oArsNrnQ5vw

• https://www.youtube.com/watch?v=BtPsXKj06ik

• https://www.youtube.com/watch?v=iUXIGJ9-rAE

Resources
• https://www.wireshark.org/#learnWS

• https://www.wireshark.org/docs/

• https://wiki.wireshark.org/SampleCaptures



Port Scanning
• Method to find what programs or services are running in the system

• Involves sending packets to the destination machine to identify the state of the port

• 3 states
  • Open
  • Closed
  • Filtered



Port Scanning
• Tool: Nmap or Network Mapper
  • Can identify the Operating System
  • Can find available hosts on a network

• Is Port Scanning Legal?
  • No conclusive answer…
  • An attack following your port scan may land you in trouble…



Port Scanning
• SYN Scan
  • Closed ports respond with a RST (which closes any connection or attempt to connect)
  • Open ports respond with a TCP segment that has the SYN and ACK flags set
  • Nmap sends RST instead of ACK

• Connect Scan
  • Uses a normal TCP connection
  • The scanning device will respond with ACK here…



Port Scanning
• FIN Scan
  • Represents a situation that should never occur
  • Root access is a must
  • FIN is normally used to close a TCP connection gracefully

• Xmas Scan
  • Sets bits in the flags field in an alternating pattern of ones and zeros

• NULL Scan
  • No flags set

Port Scanning
• ACK Scan
  • Find whether a port is filtered or unfiltered
  • Used to find firewall filtering

• UDP Scan
  • Probes for DNS and DHCP services
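
An added example, not part of the original slides: a minimal detector that recognises the TCP scan types described above from the flags of captured segments, including the SYN scan's RST-instead-of-ACK behaviour. The packet tuples, addresses and the `min_ports` threshold are constructed for illustration; the Xmas flag set (FIN, PSH, URG) is the one Nmap documents.

```python
from collections import defaultdict

# TCP header flag bits.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
# Flag sets that never open a legitimate connection.
STRAY = {0: "NULL", FIN: "FIN", FIN | PSH | URG: "Xmas"}

def find_scans(packets, min_ports=3):
    """Return {(scanner, target, scan type): ports} for every group that
    reaches min_ports distinct ports. Each packet is a tuple
    (src, sport, dst, dport, flags), in capture order."""
    state = {}               # (client, server, port) -> handshake progress
    hits = defaultdict(set)
    for src, sport, dst, dport, flags in packets:
        key, reply_key = (src, dst, dport), (dst, src, sport)
        if flags in STRAY:
            hits[(src, dst, STRAY[flags])].add(dport)
        elif flags == SYN:
            state[key] = "syn"
        elif flags == SYN | ACK and state.get(reply_key) == "syn":
            state[reply_key] = "synack"           # the port is open
        elif state.get(key) == "synack" and flags & RST:
            hits[(src, dst, "SYN")].add(dport)    # RST instead of ACK
            del state[key]
        elif state.get(key) == "synack" and flags == ACK:
            hits[(src, dst, "connect")].add(dport)  # handshake completed
            state[key] = "established"
        elif flags == ACK and key not in state and reply_key not in state:
            hits[(src, dst, "ACK")].add(dport)    # ACK without a handshake
    return {k: sorted(v) for k, v in hits.items() if len(v) >= min_ports}

def sample_capture():
    """Constructed packets: a SYN scan, an Xmas scan, one normal connection."""
    a, b, c, t = "10.0.0.5", "10.0.0.6", "10.0.0.7", "10.0.0.9"
    pkts = []
    for i, port in enumerate((22, 80, 443)):      # open ports, half-open probes
        sp = 40000 + i
        pkts += [(a, sp, t, port, SYN), (t, port, a, sp, SYN | ACK),
                 (a, sp, t, port, RST)]
    pkts += [(a, 40003, t, 25, SYN), (t, 25, a, 40003, RST | ACK)]  # closed
    pkts += [(b, 50000 + p, t, p, FIN | PSH | URG) for p in (21, 22, 23)]
    pkts += [(c, 51000, t, 443, SYN), (t, 443, c, 51000, SYN | ACK),
             (c, 51000, t, 443, ACK), (c, 51000, t, 443, PSH | ACK)]
    return pkts

if __name__ == "__main__":
    for group, ports in find_scans(sample_capture()).items():
        print(group, ports)
```

A single completed handshake looks the same as one connect-scan probe, so only the number of distinct ports per source separates a scan from normal use; SYN probes to closed ports are not counted because the reply alone cannot tell a SYN scan from a connect scan.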



Demo
• https://www.youtube.com/watch?v=495BwgsX7aw

• https://www.youtube.com/watch?v=P11Eq_VgVl0

• https://www.youtube.com/watch?v=GM1vTL_t2Jc

• https://www.youtube.com/watch?v=-q12dciS5PM

• https://www.youtube.com/watch?v=A8IW4Blr3nI

Resources
• https://nmap.org/book/legal-issues.html

• https://nmap.org/book/man-port-scanning-basics.html

• https://nmap.org/book/man-os-detection.html

• https://nmap.org/book/man-bypass-firewalls-ids.html



Thank you!