Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd
Upload
25 views

Cyber Security Lab-4

Uploaded by

nikhilkaul03
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
25 views

Cyber Security Lab-4

Uploaded by

nikhilkaul03
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Name: NIKHIL KAUL

Batch: CSE(AI&ML)-B
Roll Number: 2200291530073

LAB-4
Topic:
Detecting Suspicious Activity: Analyse network traffic to identify suspicious
patterns, such as repeated connection attempts or unusual communication
between hosts.

Introduction:
Password sniffing refers to the technique used to intercept and capture
passwords as they are transmitted over a network. This type of cyber-attack
exploits unsecured or poorly secured network communications to access
sensitive information like passwords. Typically, password sniffing involves the
use of software or hardware tools known as "sniffers" that can monitor and
analyse network traffic.

How password sniffing works:


1. Sniffer Deployment:
An attacker deploys a sniffer on a network. This tool is capable of
capturing all data packets that pass through the network segment to
which the sniffer has access.

2. Data Capture:
As users on the network send their data, which may include login
credentials, across the network, the sniffer captures this data. This is
especially effective on unencrypted or poorly encrypted networks.
Name: NIKHIL KAUL
Batch: CSE(AI&ML)-B
Roll Number: 2200291530073

3. Extraction of Credentials:

The attacker then sifts through the captured data to find useful information
such as usernames and passwords. These credentials can be in plain text
(especially if protocols like HTTP are used instead of HTTPS) or may need to
be decrypted if they are captured in encrypted form.

4. Misuse of Information:
Once the attacker has obtained usernames and passwords, they can use
this information to gain unauthorized access to systems and resources.

Protect against password sniffing:


1. Encryption:
Using strong encryption protocols like HTTPS, SSH, and TLS for all data
transmissions can help protect the data from being readable even if
intercepted.

2. Secure Networks:
Employing VPNs (Virtual Private Networks) and other secure network
access methods can reduce the risk of sniffers being deployed on a
network.

3. Awareness and Training:


Educating users about secure practices, such as avoiding the use of
unsecured public Wi-Fi networks for sensitive transactions, can also help
mitigate risks.
Name: NIKHIL KAUL
Batch: CSE(AI&ML)-B
Roll Number: 2200291530073

How password sniffing can be performed using Wireshark:


Step 1: Set-up Wireshark in any file containing sensitive information.
Step 2: Open file in Wireshark.

Step 3: Analyse the data from Info section as follows:

There how, data and sensitive information are sniffed like that.

You might also like