BTEC NAT Unit 15 - Organisational Systems Security
ORGANISATIONAL SYSTEMS SECURITY
Unit 15 Lecture 2
NETWORK ANALYSIS SOFTWARE
Learning Objectives
EXAMPLES OF NETWORK ANALYSIS SOFTWARE
• Ettercap
• Wireshark (Ethereal)
• NMap
• Angry IP Scanner
Ettercap (Primary ARP Poisoning Tool)
• Can intercept traffic on a network segment
• Can capture passwords & conduct Man in the Middle attacks
• Filters data packets by IP addresses or MAC addresses
• ARP poisoning (MIM) between victims & hosts
• OS fingerprinting of victims & killing of connections
• Passive scanning of host’s information
• Find other poisoners on the network
WIRESHARK (Ethereal)
• Free packet sniffer application
• Protocol scanner looking at data packets
• Used in the detection of keyloggers
• See all traffic passed over a network or outgoing traffic from a computer
• Network Troubleshooting Analysis
NMAP
• Network Security Scanner
• Deep probe scanner to reveal information about a device
• Creates a map of the network – computers & services
• Can discover passive services not advertised
• Port Scanning & O/S detection of network devices
• Audit the security of a computer or network
ANGRY IP SCANNER
• Fast & visual scanner looking at a large range of IP addresses
• Can check TCP ports during scan
• Can also display NetBIOS and device information
Internal & External Threats

Internal Threats
• Use of Scanners
• Man in the Middle attacks
• Magic Disk tactics
• Keylogging

External Threats
• Virus Attacks
• Trojan Horses
• Worms
• Hacking via Piggybacking, Tunnels & Probes
• Forging Data
• Phishing & Identity Theft
Unauthorised Access – Internal Threats
Scanners
• Establish what methods may be used to attack a system
• Scan a range of IP addresses – active or passive (can map to a domain name)
• Check TCP ports – open & closed
• Deep Probe – Useful information about any device
• Wireless Systems scanner – establish access points within range (Retina Network Security Scanner)