Friday, 19 February 2016

Sniffing around a switched network

Programming, Cyber Security
In my previous article i gave the idea of how to place a sniffer in a hub network. If you have no idea on how a hub works and how it a network with a hub can be sniffed i suggest you read my previous article Sniffing in a hub network.

But if you have the idea of how to sniff in a hub network then you can move on to this article easily.

Switches are the most common type of connection device used in modern network environments. They provide an efficient way to transport data via broadcast, unicast, and multicast traffic. As a bonus,switches allow full-duplex communication, meaning that machines can send and receive data simultaneously.Unfortunately for packet analysts, switches add a whole new level of complexity.When you connect a sniffer to a port on a switch, you can see only broadcast traffic and the traffic transmitted and received by your machine, as shown in Figure. 

There are four primary ways to capture traffic from a target device on a
switched network: 

  • Port Mirroring
  • Hubbing Out
  • Tapping Out
  • ARP Cache Poisoning
In my next few articles i will try to write these techniques in a simple manner.

No comments:

Post a Comment