Ethical Hacking and Penetration Testing Guide



Promiscuous versus Nonpromiscuous Mode
Before we try to sniff traffic on a network, we need to understand the difference between promiscuous mode and nonpromiscuous mode, which are associated with our network cards. By default, our network card is in nonpromiscuous mode, in which we can capture only the traffic that is destined for our computer. However, we can switch our network card to promiscuous mode, which allows us to forcefully capture traffic that is not destined for our computer. So rule number 1 for sniffing is that all the network cards should be in promiscuous mode.
MITM Attacks
[Figure: the original connection between Victim and Webserver, and the MITM connection in which the Attacker sits between Victim and Webserver]
The idea behind a MITM attack is that the attacker places himself in the middle of the communication between a client and a server. Therefore, any communication that is being performed between a client and a server will be captured by the attacker.
Once an attacker successfully becomes the man in the middle, he can perform many attacks on the target network, such as capturing all the traffic, denial-of-service attacks, DNS spoofing, and session hijacking, to name a few.
ARP Protocol Basics
ARP stands for Address Resolution Protocol. It runs at the link layer (Layer 2) of the OSI model. Its purpose is to resolve an IP address to a MAC address. Any piece of hardware that connects to the Internet has a unique MAC address associated with it.
How ARP Works
[Figure: a switch-based network connecting Host A (192.168.1.2), Host B (192.168.1.3), and a Printer]
So let’s imagine the scenario shown in the image, where on a switch-based network, “Host A” with an IP 192.168.1.2 would like to communicate with “Host B” with an IP 192.168.1.3. In order to communicate on a local area network, Host A needs to have the MAC address of Host B.
Host A will look inside its ARP cache and see if an entry for Host B’s IP address is present inside the ARP table. If it’s not present, Host A will send an ARP broadcast packet to every device on the network asking “Who has Host B’s IP address?”
Once Host B receives the ARP request, it will send an ARP reply telling Host A “I am Host B and here is my MAC address.” The MAC address is then saved inside the ARP table. An ARP cache contains a list of the IP and MAC addresses of every host we have communicated with.
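The cache lookup, broadcast request, and reply described above can be traced at the byte level. The following is an added example, not code from the book: it builds and parses ARP frames for IPv4 over Ethernet and models each host's ARP cache. The MAC addresses, the printer's IP address, and all function and class names are assumptions made for the illustration.

```python
import socket
import struct

# Ethernet header (14 bytes) plus ARP payload for IPv4 over Ethernet (28 bytes), RFC 826.
ETH = struct.Struct("!6s6sH")
ARP = struct.Struct("!HHBBH6s4s6s4s")
ETHERTYPE_ARP, OP_REQUEST, OP_REPLY = 0x0806, 1, 2
BROADCAST, UNKNOWN = b"\xff" * 6, b"\x00" * 6

def build(op, src_mac, src_ip, dst_mac, dst_ip):
    # A request is broadcast and leaves the target MAC zeroed: that is the unknown.
    eth_dst = BROADCAST if op == OP_REQUEST else dst_mac
    return (ETH.pack(eth_dst, src_mac, ETHERTYPE_ARP) +
            ARP.pack(1, 0x0800, 6, 4, op, src_mac, src_ip, dst_mac, dst_ip))

def parse(frame):
    # Return the ARP fields, or None if the frame is not IPv4-over-Ethernet ARP.
    if len(frame) < ETH.size + ARP.size:
        return None
    eth_dst, _, ethertype = ETH.unpack_from(frame)
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP.unpack_from(frame, ETH.size)
    if (ethertype, htype, ptype, hlen, plen) != (ETHERTYPE_ARP, 1, 0x0800, 6, 4):
        return None
    return {"eth_dst": eth_dst, "op": op, "sha": sha, "spa": spa, "tha": tha, "tpa": tpa}

class Host:
    def __init__(self, ip_text, mac_text):
        self.ip = socket.inet_aton(ip_text)
        self.mac, self.cache = bytes.fromhex(mac_text.replace(":", "")), {}

    def receive(self, frame):
        # Reply only when the request asks for this host's own IP address.
        msg = parse(frame)
        asked = msg and msg["op"] == OP_REQUEST and msg["tpa"] == self.ip
        return build(OP_REPLY, self.mac, self.ip, msg["sha"], msg["spa"]) if asked else None

    def resolve(self, target_ip, segment):
        # Check the ARP cache first; on a miss, broadcast and cache the reply.
        if target_ip not in self.cache:
            request = build(OP_REQUEST, self.mac, self.ip, UNKNOWN, target_ip)
            for reply in filter(None, (peer.receive(request) for peer in segment)):
                msg = parse(reply)
                self.cache[msg["spa"]] = msg["sha"]
        return self.cache.get(target_ip)

# Constructed hosts: IPs for A and B are from the scenario; MACs and the printer IP are made up.
host_a = Host("192.168.1.2", "02:00:00:00:00:0a")
host_b = Host("192.168.1.3", "02:00:00:00:00:0b")
printer = Host("192.168.1.4", "02:00:00:00:00:0c")
```

Calling `host_a.resolve(host_b.ip, [host_b, printer])` sends one broadcast request, only Host B answers, and a second call is served from Host A's cache without any traffic.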