Friday, February 29, 2008

Find Hackers and Security Holes Using WIRESHARK!!

Hi Guys,

Up to now I have done a few posts regarding hacking. In this post I would like to introduce you to a great tool called "Wireshark", which you can use to find security vulnerabilities in your network, in other words to find hackers who are accessing your computer or the network.
The scenario is like this:
Suppose you are working on a computer network with thousands of computers. You feel that someone is monitoring you, or accessing your PC, or sniffing your Yahoo chats, or you simply need to know which sites, IPs and ports your PC is currently connected to.

Test this command on your Windows Command Prompt:-

C:\>netstat -a

If you type that command at your Windows Command Prompt, you can find all the sites, IPs and ports, and the people who are currently accessing your computer. But if serious hacking is going on, it is not enough to find the bugger.
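To make that netstat listing easier to read, the following added example (not code from the original post) parses the output and separates listening ports, peers connected to those ports, and connections your PC opened itself. It assumes the numeric form `netstat -an`, so ports are numbers rather than service names; the sample output and addresses are constructed, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample in the Windows `netstat -an` layout (documentation-range addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    192.0.2.20:3389        198.51.100.7:51422     ESTABLISHED
  TCP    192.0.2.20:49712       203.0.113.10:443       ESTABLISHED
  TCP    192.0.2.20:49713       203.0.113.10:443       TIME_WAIT
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

def split_endpoint(endpoint):
    """Split 'host:port' (also '[v6]:port' and '*:*') on the last colon."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port

def parse_netstat(text):
    """Yield (proto, local_host, local_port, remote_host, remote_port, state)."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # skip banner, column header and blank lines
        state = fields[3] if len(fields) > 3 else ""  # UDP rows carry no state
        yield (fields[0], *split_endpoint(fields[1]), *split_endpoint(fields[2]), state)

def triage(text):
    """Return (listening ports, inbound peers per local port, outbound ports per host)."""
    rows = list(parse_netstat(text))
    listening = {int(r[2]) for r in rows if r[5] == "LISTENING"}
    inbound, outbound = defaultdict(set), defaultdict(set)
    for proto, lhost, lport, rhost, rport, state in rows:
        if state != "ESTABLISHED":
            continue
        if int(lport) in listening:   # heuristic: peer reached one of our services
            inbound[int(lport)].add(rhost)
        else:                         # otherwise this PC opened the connection
            outbound[rhost].add(int(rport))
    return listening, dict(inbound), dict(outbound)

if __name__ == "__main__":
    for label, value in zip(("listening", "inbound", "outbound"), triage(SAMPLE)):
        print(label, value)
```

To run it on your own machine, save the output with `netstat -an > conns.txt` and pass the file's text to `triage()`.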

So let's move on to the topic.
Wireshark (formerly known as Ethereal) is an extremely valuable tool which is capable of scanning wireless and Ethernet data and comes with some robust filtering capabilities. In other words, Wireshark is a network protocol analyzer, or “packet sniffer”, that captures and shows the contents of network frames. It runs on Unix/Linux and Windows. Wireshark uses the WinPcap project to capture packets (libpcap on Linux).

If you are a network administrator, it is really useful for monitoring your network interface and finding security holes. Even the Linux platform is vulnerable to attacks. Wireshark is an open source network packet sniffing product that watches DNS, TCP, UDP, HTTP and most of the known network protocols.

You can see the content of the captured data packets as well. If other data packets are going through your network location, they will be captured too. For example, you can see the data packets received by the PCs next to you. By looking at the content of the data packets you can read their chat records as well.


Download Wireshark:-
http://www.wireshark.org/download.html
http://sourceforge.net/projects/wireshark/


Website:-
http://www.wireshark.org

Basic User Guides:-
http://portforward.com/networking/wireshark.htm
http://zone.ni.com/devzone/cda/tut/p/id/6746


Advanced User Guides:-
http://www.wireshark.org/docs/wsug_html_chunked/
http://ftp.uni-kl.de/pub/wireshark/docs/user-guide-us.pdf


Other References:-
http://www.willhackforsushi.com/books/377_eth_2e_06.pdf

Note:- This is an extremely powerful tool. If you are not a Network Administrator, be careful when you use it. If you run this tool on a machine which is connected to a network, your Network Administrator can find out that you are using a sniffing tool, because when you run it there is always network traffic coming to your computer.