ATTACK ON NETWORK
Attacks on network
• Sniffing is the process of gathering traffic from a network by capturing the data as they
pass and storing them to analyze later.
• Sniffers are used to capture traffic sent between two systems. Depending on how the
sniffer is used and the security measures in place, a hacker can use a sniffer to discover
usernames, passwords, and other confidential information transmitted on the network
• It is a Passive Process.
ARP Poisoning: Man in the Middle Attack
• The concept of ARP Poisoning (or ARP spoofing) is to set up a man-in-the-middle
attack that allows the attacker to insert himself into the communications stream between
the victim and the victim’s intended communications recipient.
• It involves sending bogus ARP requests to the network device so outbound traffic will
be routed to the attacker.
• Hacker uses the concept of ARP Poisoning to redirect all the network traffic to the
Sniffer device and get all the Username and Password sent in the Network
• DNS spoofing (or DNS poisoning) is a technique that tricks a DNS server into believing
it has received authentic information when in reality it hasn’t.
• When a user requests a certain website URL, the address is looked up on a DNS server
to find the corresponding IP address. If the DNS server has been compromised, the user
is redirected to a website other than the one that was requested, such as a fake website.
Counter apart the Network attacks
• Generally a Client User is not really the concerned person to secure the Network; it is the
part of the Network Administration.
• However, still the User is the one who will directly or indirectly effect with the Network
Trace Your Sever
• Trace your Server to check if there unreliable device in between your computer to your
• Command: Tracert ServerIP
Check the Network Connections
• A User must check the network connections which his computer has made to outer
• Command: Netstat –a
• Or you can use the TCP View to check the network connection details.
Checking the ARP Table
• ARP is Address Resolution Protocol, which converts the IP Address of a device to its
• “Arp –a”, use this command to check the ARP table for your computer and you can
easily detect the MITM Attack.