Last week I conducted an experiment for our local area network (LAN) to check whether it is secured or not. We have firewall installed on our network and over 30 computers on LAN area.
To check the integrity of our network to know if we are safe (I mean on a local area only) I use a software to perform a packet sniffing - a method to sniff traffic/packet over network. Surprisingly, I was able to sniff usernames and passwords for more than thirty computers on my network I was able to sniff them including cookies on secure connection (referring to browsers' cookie).
The method I perform is called ARP Spoofing, many software like this available online and for penetration testing only. If used improperly may cause you to trouble. I used cain & abel from oxid.it to perform such spoofing and I really like this software for conducting penetration tests. Note that your antivirus might flag it as a "virus" because it uses some packet sniffing method. Download only on that site for security purpose.
My purpose of ARP spoofing is to know if the packets sent over our network is safe and can't be intercepted and immune to local network attacks. But to my surprise I was able to gain their username and passwords, email, secure certificates, browser coockies, and other important details of each computer's user transaction.
I do not suggest you to take advantage and do evil things by using this program, as per IT security experts motive is to conduct a penetration test and not to harm network and perform hacking unethically. Nor I myself did not take advantage to those sniffed passwords and all other materials gathered during penetration testing.
Monday, July 21, 2008
Network intrusion - How to defend yourself
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment