SECURITY TOOLS
ADRI JOVIN J J
ASSISTANT PROFESSOR (SR. GR.)
DEPARTMENT OF INFORMATION TECHNOLOGY
SRI RAMAKRISHNA INSTITUTE OF TECHNOLOGY
• Monitor Mode
  • Allows a device with a wireless NIC to monitor all the traffic received from a wireless network
  • Applies only to wireless networks
8/22/18 SECURITY TOOLS 4
Sniffing on Windows
• WinPcap
  • Allows applications to capture and transmit network packets bypassing the protocol stack
  • Cannot be used in monitor mode
• https://www.youtube.com/watch?v=Y_Tqz8Ai09I
• https://www.youtube.com/watch?v=oArsNrnQ5vw
• https://www.youtube.com/watch?v=BtPsXKj06ik
• https://www.youtube.com/watch?v=iUXIGJ9-rAE
Resources
• https://www.wireshark.org/#learnWS
• https://www.wireshark.org/docs/
• https://wiki.wireshark.org/SampleCaptures
• 3 states
  • Open
  • Closed
  • Filtered
• Connect Scan
  • Uses a normal TCP connection
  • The scanning device will respond with ACK here…
• Xmas Scan
  • Has bits in the flag section and alternating patterns of ones and zeros
• NULL Scan
  • No flags
Port Scanning
• ACK Scan
  • Find whether a port is filtered or unfiltered
  • Used to find firewall filtering
• UDP Scan
  • Probes for DNS and DHCP services
• https://www.youtube.com/watch?v=P11Eq_VgVl0
• https://www.youtube.com/watch?v=GM1vTL_t2Jc
• https://www.youtube.com/watch?v=-q12dciS5PM
• https://www.youtube.com/watch?v=A8IW4Blr3nI
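Added example (not part of the original slides): a detector that reads the TCP flag byte of captured headers and labels the NULL, Xmas and ACK probes listed above, so a defender can see which sources sent them. It assumes Nmap's documented Xmas definition (FIN, PSH and URG set); the helper names, addresses and sample packets are constructed for illustration.

```python
import struct
from collections import defaultdict

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def tcp_header(sport, dport, flags):
    """Constructed sample input: minimal 20-byte TCP header, checksum left at 0."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def classify(header, handshake_seen):
    """Return the scan type a segment's flag byte matches, or None if ordinary."""
    if len(header) < 20:
        return "malformed"
    flags = header[13] & 0x3F          # bit order: URG ACK PSH RST SYN FIN
    if flags == 0:
        return "null"                  # NULL scan: no flags at all
    if flags == FIN | PSH | URG:
        return "xmas"                  # Xmas scan as Nmap defines it (assumption)
    if flags == ACK and not handshake_seen:
        return "ack"                   # bare ACK with no SYN seen first on this flow
    return None

def suspicious_sources(packets):
    """packets: iterable of (src_ip, header_bytes). Returns {src: {type: [ports]}}."""
    opened = set()                     # flows on which a SYN was observed
    hits = defaultdict(lambda: defaultdict(set))
    for src, hdr in packets:
        if len(hdr) < 20:
            continue                   # truncated capture, nothing to parse
        sport, dport = struct.unpack("!HH", hdr[:4])
        flow = (src, sport, dport)
        if hdr[13] & SYN:
            opened.add(flow)
        kind = classify(hdr, flow in opened)
        if kind:
            hits[src][kind].add(dport)
    return {s: {k: sorted(p) for k, p in kinds.items()} for s, kinds in hits.items()}

# Constructed capture: one source sending odd flag combinations, one normal client.
SAMPLE = [
    ("198.51.100.7", tcp_header(40000, 22, 0)),
    ("198.51.100.7", tcp_header(40000, 80, FIN | PSH | URG)),
    ("198.51.100.7", tcp_header(40000, 443, ACK)),
    ("192.0.2.10", tcp_header(51000, 443, SYN)),
    ("192.0.2.10", tcp_header(51000, 443, ACK)),
]

if __name__ == "__main__":
    print(suspicious_sources(SAMPLE))
```

A connect scan uses an ordinary handshake, so flag inspection alone does not separate it from normal clients; that case needs per-source counting of distinct ports contacted.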
Resources
• https://nmap.org/book/legal-issues.html
• https://nmap.org/book/man-port-scanning-basics.html
• https://nmap.org/book/man-os-detection.html
• https://nmap.org/book/man-bypass-firewalls-ids.html