HP 635n Practical IPsec Deployment for Printing and Imaging Devices - Page 13
Too Easy: The Flood
UPC - 882780301016
View all HP 635n manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 13 highlights
Figure 10 - Inserting a Repeater Whenever Jane saw the CEO go into the secured MFP room to scan documents, Jane went to the open conference room and captured the conversation using Wireshark. Using some Wireshark tricks (e.g., "Follow TCP Stream"), she was able to save the conversations of all the data transmitted and received onto her laptop. Too Easy: The Flood Well, you may have read the last section and said: "This isn't a problem for me because all of my network infrastructure equipment is locked away and safe. Since Jane cannot insert an Ethernet repeater, I'm quite safe from any passive sniffing". Not True! In this section, we are going to cover another way Jane could have captured the data. We will continue to use Wireshark but now we will make use of another free tool called Ettercap. Before we get into the details, we need to talk more about Ethernet switches and how they behave. There is a special Ethernet packet called an Ethernet Broadcast packet. This packet is supposed to be received by all nodes. In other words, it is not addressed to specific device, but to all devices. Refer to Figure 11 - Switch Broadcast Behavior. 13