How To Sniff A Switched Network in 15 Minutes!

How To Sniff A Switched Network in 15 Minutes!

Henry Dalziel | General Hacking Posts, Hacker Hotshots | February 19, 2013

Tomorrow is the last chance to sign up for one of our most exciting events this year!

How To Sniff A Switched Network in 15 Minutes!Register here. It’s live and free and we strongly advise you to ask questions and participate as much as possible.

If you are interested in learning how to sniff a network, (“network sniffing”) then this event is for you! The instructor, Eric Reed, will demonstrate a simple step-by-step process on how you can use Cain to own a switched network.

So, who’s Eric Reed?
Eric is arguably the best CEH instructor out there. We saw him at Hacker Halted in Miami and he certainly knows his stuff! With over 12 years of experience in the IT consulting and training field Eric has consulted and delivered certification and customized training to all branches of the U.S. Military, and for many Fortune 100 and Fortune 500 companies.

Some companies Eric has trained include the FBI – yes, you heard right, and, to name a few others, General Dynamics, Northrop Grumman, Best Buy, NASA and Boeing. Quick summary: Eric is a highly qualified and respected information security professional and instructor. If you are interested in networking sniffing, or just plain curious about what the CEH course is all about then come on by!

Eric told us that within the 15-20 minute session, he will give the audience an overview of how to sniff a switched network using ARP poisoning. (For anyone out there not sure what ARP poisoning is, it is a security technique used by hackers (or authorized penetration testers) to send fake or spoofed Address Resolution Protocol (ARP) messages onto a Local Area Network).

The primary aim of the security professional or the hacker is to associate the MAC address with the IP address of another host (typically the default gateway/ router), resulting in traffic meant for that IP address to be sent to the attacker instead – also known as Man In the Middle (MILTM) attack.

Eric should touch on (depending on time) how ARP spoofing allows an intruder to intercept data frames on a LAN and also how that data can be corrupted or altered.

Other points Eric hopes to cover are:
1. How to understanding weakness in the ARP protocol.
2. Being able to leverage the weakness to sniff a switched network.
3. Being able to counter-measure ARP poisoning attacks

The last point is particularly helpful for system administrators – i.e. being able to counter measure.

We hope to see you there! Also, if you miss it, then don’t worry just follow this link to see the replay.

Leave a comment or reply below...thanks!