◾  Ethical Hacking and Penetration Testing Guide Types of Sniffing

Network Sniffing
◾ 
141
Let’s assume that this topology runs on a hub-based network and that “Host A” would like to 
communicate with “Host B.” It will forward the traffic to the hub. A hub is designed in such a way 
that it 
broadcasts
all the traffic, meaning that it will forward the traffic to 
all the hosts on a network
.
Since the IP header contains the destination address of “Host B,” any other device receiving 
the frames will drop it. The technical flaw in this design is that lots of bandwidth is utilized and 
broadcast storms are created. The security flaw in the design is that an attacker could run a sniffer 
to capture all the traffic that is received on his computer as the traffic is broadcasted on a hub-
based network.
To mitigate this issue, switch was introduced. Switch is a smarter device because, unlike hubs, 
it does not broadcast the traffic to every host on the network; it will forward the frames only to the 
host the traffic is destined for. The switch uses an ARP protocol to perform this job. We will talk 
about ARP and its security flaws in the following sections.

Yüklə 22,44 Mb.

Dostları ilə paylaş: