These types of switches pose a big risk because they are usually plug and play types of devices and. The introduction of a rogue unmanaged network switch has the potential to cripple a network. Detecting these rogue switches is key to security of any organization. There are many methods to detect rogue wireless access points, but the same case can not be said for rouge switches on a LAN network. This paper shows how wireshark can prove to be extremely beneficial in such scenarios and accentuates how various local area network attacks like ARP poisoning, DOS attack, MAC flooding and DNS spoofing can be detected using wireshark and also provides some mitigation techniques for these attacks. The first step towards taking proper action in all these cases is to determine the source of the attack and here, wireshark can be used to monitor and map network traffic.
However, sometimes the cause behind such service disruptions could be due to external attacks which attempt to bring our web server down, send false ARP reply packets or infect our network with malware to form a part of a botnet. unawareness about traffic analyzing tools or not knowing exactly why a disruption has occured and is often concluded due to poor network architecture. Many times the cause behind service disruptions like sudden terminal shutdown, connectivity loss, performance degradation etc go undetected because of. Any throttle in the performance of a network can prove to be a serious concern for network administrators, often leading to huge loss of resources. This paper describes the importance of wireshark as a sniffing tool in a computer network. Packet, Sniffer, Protocol, Address, Network, Frame View full-text The outcome can aid network administrators to control Intranet access and provide security. Four network instructions were used in the analysis of the IP traffic and the results displayed the IP and Media Access Control (MAC) address sources and destinations of the frames, Ethernet, IP addresses, User Datagram Protocol (UDP) and Hypertext Transfer Protocol (HTTP). The IP traffics were captured and analyzed using Wireshark Version 2.0.3. The LAN was deployed on windows 8 with a D-link 16-port switch, category 6 Ethernet cable and other LAN devices. It was implemented using five computer systems configured with static Internet Protocol (IP) addresses used in monitoring the IP traffic on the network by capturing and analyzing live packets from various sources and destinations in the.
This paper was designed to provide Intranet traffic monitoring by sniffing the packets at the local Area Network (LAN) server end to provide security and control.
0 kommentar(er)
