Configure a sniffer to monitor traffic

Reference no: EM132928704

00130 Monitoring Network Traffic Capstone - Skills Passport

Objective

Monitor network traffic to detect anomalous/suspicious behavior.

Scenario

In this scenario, you will configure a sniffer to monitor traffic. You will then run two network scans to emulate part of a hacker's life cycle. After performing the scans, you will analyze the pcap file and examine the web logs.

Monitor Network Traffic

Scenario

In this first exercise, you are to set up network interfaces in promiscuous mode and then start capturing packets using a network sniffer.

1. First, on the Security Onion machine, edit the network interfaces configuration so that eth0 and eth1 are configured in promiscuous mode. Then, restart networking to apply the changes. Please leave eth2 configured as it is.

2. Verify via the command line that eth0 and eth1 are set up in promiscuous mode.

3. Lastly, finish this exercise by using a sniffer of your choice to capture packets passing through the eth0 network, and write all captured packets to a capture file on the desktop named Capture.cap.
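
The three steps above, sketched as an added example that is not part of the original lab sheet. It assumes the Security Onion machine uses an ifupdown-style /etc/network/interfaces file and that tcpdump is the chosen sniffer; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (assumptions: ifupdown config, tcpdump as the sniffer).

# Print an /etc/network/interfaces stanza for a sniffing interface:
# no IP address, promiscuous mode switched on whenever it comes up.
# ifupdown sets $IFACE itself when it runs the up/down commands.
promisc_stanza() {
    printf 'auto %s\niface %s inet manual\n' "$1" "$1"
    printf '    up ip link set $IFACE promisc on\n'
    printf '    down ip link set $IFACE promisc off\n'
}

# Return 0 if a flags word (e.g. 0x1103) has IFF_PROMISC (bit 0x100) set.
flags_have_promisc() {
    [ $(( $1 & 0x100 )) -ne 0 ]
}

# Return 0 if the named interface is promiscuous, 2 if it does not exist.
# The kernel exposes the flags word in /sys/class/net/<iface>/flags;
# "ip link show <iface>" prints PROMISC among the flags for the same state.
iface_is_promisc() {
    flags_file="/sys/class/net/$1/flags"
    [ -r "$flags_file" ] || return 2
    flags_have_promisc "$(cat "$flags_file")"
}

# Report the two sniffing interfaces; eth2 is deliberately left alone.
report_promisc() {
    for ifc in eth0 eth1; do
        if iface_is_promisc "$ifc"; then echo "$ifc: PROMISC"
        else echo "$ifc: not promiscuous (or absent)"; fi
    done
}

# Write every packet seen on eth0 to the capture file (needs root).
# Stop with Ctrl-C; tcpdump then prints how many packets were captured.
start_capture() {
    tcpdump -i eth0 -w "$HOME/Desktop/Capture.cap"
}

# Usage: sh sniff.sh stanza | check | capture
case "${1:-}" in
    stanza)  promisc_stanza eth0; promisc_stanza eth1 ;;
    check)   report_promisc ;;
    capture) start_capture ;;
esac
```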


Generate Network Traffic

Scenario

In this section of the lab, you will generate network traffic on the LAN for the sniffer to capture.

1. First, log in to the Kali machine with the username root and the password P@ssw0rd.

2. We are now going to generate some traffic. From the Kali box, run an nmap scan against 198.51.100.1. Run an intense scan (T4), and configure the scan to use OS detection, service version detection, and script scanning techniques.

3. Next, run a second network scan against the 198.51.100.100 box using the same settings as before.

Analyze the Traffic

Scenario

In this section you will examine the traffic from the sniffer.

1. Return to the Security Onion box and stop capturing packets. Note how many packets were captured, and verify the capture file was saved with those packets. If the capture file has not yet been saved, save it now to the desktop as Capture.cap.

2. Next, analyze the capture file with Snort. Also, make sure to output the resulting alert file to the /home/student directory and use the correct snort.conf file.

3. After Snort finishes its analysis, review the file generated by Snort for any suspicious events. Do you see any to note?

4. Next, continue your analysis and open the capture file with Wireshark to browse the captured packets. Play around with the filters to analyze the captured traffic. For instance, apply a filter to view all TCP reset packets.

Do you see anything indicating a network scan was run against boxes on your network?

5. Lastly, log into the Metasploitable box and view the web server logs. Specifically, use the command to view the most recent web server logs.

Notice what breadcrumbs are left over from the network scan.
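
One way to turn steps 2 to 5 into something countable, as an added example that is not part of the original lab sheet. It assumes tshark is available next to Wireshark and that the web server writes Apache combined-format logs; the function names, the 198.51.100.50 scanner address and all sample lines are constructed.

```shell
#!/bin/sh
# Added example: summarise scan indicators from the capture and the web log.
# Offline Snort run for step 2 (config path is a placeholder):
#   snort -r Capture.cap -c <path-to-snort.conf> -l /home/student -A fast

# stdin: "src<TAB>dst<TAB>srcport" for each TCP reset, e.g. from
#   tshark -r Capture.cap -Y 'tcp.flags.reset == 1' \
#          -T fields -e ip.src -e ip.dst -e tcp.srcport
# stdout: "responder prober distinct_closed_ports", busiest pair first.
# Many distinct ports answering one peer with RST is the scan signature.
rst_summary() {
    awk -F'\t' '!seen[$1 FS $2 FS $3]++ { n[$1 " " $2]++ }
                END { for (k in n) print k, n[k] }' | sort -k3,3nr
}

# stdin: Apache combined-format access log lines.
# stdout: "client_ip hits" for requests carrying the User-Agent that
# Nmap script scanning sends by default.
nse_hits() {
    awk '/Nmap Scripting Engine/ { c[$1]++ }
         END { for (ip in c) print ip, c[ip] }' | sort -k2,2nr
}

# Constructed sample data (not taken from the lab capture or logs).
sample_rsts() {
    printf '198.51.100.100\t198.51.100.50\t%s\n' 21 22 23 23 8080
    printf '198.51.100.1\t198.51.100.50\t%s\n' 443
}
sample_log() {
cat <<'EOF'
198.51.100.50 - - [01/Jan/2021:10:00:01 +0000] "GET /robots.txt HTTP/1.1" 404 300 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
198.51.100.50 - - [01/Jan/2021:10:00:02 +0000] "OPTIONS / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
198.51.100.7 - - [01/Jan/2021:10:05:00 +0000] "GET /index.php HTTP/1.1" 200 891 "-" "Mozilla/5.0 (X11; Linux x86_64)"
EOF
}

sample_rsts | rst_summary
sample_log  | nse_hits
```

The User-Agent match only catches a scan left at its defaults, so treat the reset counts as the more reliable of the two indicators.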

Attachment:- Monitoring Network Traffic.rar
