User’s guide

(C) 2003 Airscanner Corp. http://www.airscanner.com
Note: The following document is more than a user’s manual; it is also our attempt to
help educate you on the science of sniffing. We hope you will take the time to read this
entire manual so that you will be better equipped to defend yourself and to audit your
own wireless networks.
1. Overview
When the typical end user sends an instant message to their friend or family member on the
other side of the world, not much thought is given to the technology that makes it happen. To
them, they simply type the message in a window and when they hit the Enter button, the
message is magically transported to their friend’s screen. While this appears to be an
instantaneous relay of data, in reality the message passes through a legion of interconnected
hardware devices that process the data before it arrives at its destination.
Although it seems easy, the technology responsible is very complex and requires an in-depth
understanding of communication protocols and how they are used by hardware devices to pass
and control data flow. A network administrator must understand the use of hubs, switches,
routers, TCP/IP, SMB and more in order to audit or debug network communication. This brings
us to the sniffer.
A sniffer is merely a data collection tool that allows its user to see what data is passing on a
network. This tool can come in the form of a simple software program included with an OS
(e.g., Windows Network Monitor, AIX iptrace) or as part of a complex and very expensive
hardware device (e.g., $40,000 GTX Multi-protocol analyzer) that can handle multiple network
lines and GBs of data. Though it is just a tool, like many other simple tools it can be used for
good or evil. For example, a sniffer can help an administrator find a malfunctioning network
card, just as easily as it can help a malicious hacker monitor network traffic for user names,
passwords, or other sensitive data that could be abused to gain unauthorized access to a network.
This manual will describe how a sniffer works, and how it can be used to help you
troubleshoot a networking problem. We will also demonstrate methods in which you can use a
sniffer to troubleshoot applications that require network access to function. In addition to these
legitimate purposes, we will also illustrate how a hacker can abuse a sniffer to gain access to
private information. Hackers already know how to do this, so it is imperative that you learn
their attack methods so that you can properly protect your networks.
2. Sniffer Fundamentals
As previously mentioned, a sniffer allows you to view and analyze raw network traffic. This
traffic can be on a wire, fiber line, or even in the air on a wireless network. While the data
typically flows flawlessly from one point to another, there are times when something goes
wrong and a technician or administrator needs to get inside the traffic to see what is happening.
However, this is not as easy as plugging in a computer and collecting data. As we will