another, the
company could have much more damage to deal with than if it had properly restricted
his access.

Password Sniffing
I think I smell a password!
Password sniffing is just what it sounds like—sniffing network traffic with the hope of
capturing passwords being sent between computers. Several tools are available on the
Internet that provide this functionality. Capturing a password is tricky, because it is a
piece of data that is usually only used when a user wants to authenticate into a domain
or access a resource. Some systems and applications do send passwords over the network in cleartext, but a majority of them do not anymore. Instead, the user’s workstation performs a one-way hashing function on the password and sends only the resulting value to the authenticating system or service. The authenticating system has a file
containing all users’ password hash values, not the passwords themselves, and when
the authenticating system is asked to verify a user’s password, it compares the hashing
value sent to what it has in its file.
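The hash-compare check described above, as an added example that is not from the original text: because the same hash value crosses the network at every login, it has to be protected like the password itself. The example goes beyond the text by adding a nonce-based challenge-response variant for contrast. SHA-256, HMAC, the account and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample account; the username and password are made up for this example.
PASSWORD = "correct horse battery staple"

def h(password: str) -> bytes:
    """One-way hash the workstation computes (SHA-256 is an assumption here)."""
    return hashlib.sha256(password.encode()).digest()

# The authenticating system's file: username -> hash value, never the password.
HASH_FILE = {"alice": h(PASSWORD)}

def verify_static(user: str, sent_hash: bytes) -> bool:
    """Scheme from the text: compare the hash value sent with the stored one."""
    stored = HASH_FILE.get(user)
    return stored is not None and hmac.compare_digest(stored, sent_hash)

def new_challenge() -> bytes:
    """Fresh random nonce the server issues for each login attempt."""
    return secrets.token_bytes(16)

def client_response(password: str, challenge: bytes) -> bytes:
    """Client proves it knows the hash without sending it: HMAC(hash, nonce)."""
    return hmac.new(h(password), challenge, hashlib.sha256).digest()

def verify_challenge(user: str, challenge: bytes, response: bytes) -> bool:
    """Server recomputes the HMAC from its stored hash and the nonce it issued."""
    stored = HASH_FILE.get(user)
    if stored is None:
        return False
    expected = hmac.new(stored, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)

def demo() -> dict:
    on_wire_static = h(PASSWORD)                # identical bytes at every login
    c1, c2 = new_challenge(), new_challenge()
    on_wire_cr = client_response(PASSWORD, c1)  # bound to nonce c1 only
    return {
        "static_login": verify_static("alice", on_wire_static),
        "static_same_value_again": verify_static("alice", on_wire_static),
        "cr_login": verify_challenge("alice", c1, on_wire_cr),
        "cr_old_response_new_challenge": verify_challenge("alice", c2, on_wire_cr),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

In the static scheme the on-wire value is accepted every time it is presented; with a per-login nonce, a response recorded for one challenge fails against the next. Transport encryption is still needed in both cases.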
Many of the tools used to capture passwords can also break the encryption of the
password. This is a common way for a computer crime to start.

IP Spoofing
I couldn’t have carried out that attack. I have a different address!
Response: I’m not convinced.
Networks and the Internet use IP addresses like we use building numbers and street
names to find our way from one place to another. Each computer is assigned an IP address so packets know where they came from and where they are going. However, many
attackers do not want anyone to know their real location, so they either manually change
the IP address within a packet to show a different address or, more commonly, use a tool
that is programmed to provide this functionality for them. This type of activity is referred
to as IP spoofing. Several attacks that take place use spoofed IP addresses, which give the
victim little hope of finding the real system and individual who initiated the attack.
- Fall '12