CEH

Using a Sniffer 219 Next you need to create some traffic. There are a few ways you can do this. In this exercise you will use y ...

220 Chapter 9 ■ Sniffers There are a couple of ways to read the captured log file. One is with TCPdump, but let’s do it the fan ...

Using a Sniffer 221 output from a sniffer is not just a CEH exam skill. It truly is one of those integral skills that every hack ...

222 Chapter 9 ■ Sniffers In Exercise 9.3 you will use Wireshark because it lets you read dissected packets easily. On the CEH ex ...

Using a Sniffer 223 Select the TCP portion of the packet in the middle pane. Now take this one step further and apply your know ...

224 Chapter 9 ■ Sniffers The CEH exam will expect you to know how to identify packet details such as hexadecimal IP addresses, a ...

Switched Network Sniffing 225 Overflowing a CAM table using Ubuntu is a simple matter. The standard repositories store the tools ...

226 Chapter 9 ■ Sniffers FIGURE 9.3 Cain and Abel Enabling the IP DHCP Snooping feature on Cisco switches prevents ARP poisoning ...

Switched Network Sniffing 227 Port Mirror or SPAN Port Another way to circumvent switches is through the use of physical means—g ...

228 Chapter 9 ■ Sniffers Mitigating MAC Flooding You can mitigate the CAM table-overflow attack by configuring port security on ...

Switched Network Sniffing 229 root@switch# set interface { | all } allowed-mac Set the allowed MAC address(es) allowed to conn ...

230 Chapter 9 ■ Sniffers Detecting Sniffing Attacks Aside from pure defensive tactics, it is possible to be proactive and use de ...

Review Questions 231 Review Questions On a switch, each switchport represents a ____. A. VLAN B. Broadcast domain C. Host D. C ...

232 Chapter 9 ■ Sniffers Bob is attempting to sniff a wired network in his first pen test contract. He sees only traffic from t ...

Review Questions 233 What is the generic syntax of a Wireshark filter? A. protocol.field operator value B. field.protocol oper ...

234 Chapter 9 ■ Sniffers Which network device can block sniffing to a single network collision domain? A. Hub B. Switch C. Rout ...

Social Engineering CEH EXAM OBJECTIVES COVERED IN THIS CHAPTER: ✓ X. Social Engineering ■ a. Types of social engineering ■ b. So ...

So far in this book we have covered a lot of threats, but they have all been technological in nature. In this chapter, we will s ...

What Is Social Engineering? 237 If it helps, you can think of social engineers in the same context as con artists. Typically, in ...

238 Chapter 10 ■ Social Engineering In many of the cases discussed in this book, you have seen social engineering play a role. O ...