HP 635n Practical IPsec Deployment for Printing and Imaging Devices - Page 13

Too Easy: The Flood


Figure 10 - Inserting a Repeater

Whenever Jane saw the CEO go into the secured MFP room to scan documents, Jane went to the open conference room and captured the conversation using Wireshark. Using some Wireshark tricks (e.g., “Follow TCP Stream”), she was able to save the conversations of all the data transmitted and received onto her laptop.

Too Easy: The Flood

Well, you may have read the last section and said: “This isn’t a problem for me because all of my network infrastructure equipment is locked away and safe. Since Jane cannot insert an Ethernet repeater, I’m quite safe from any passive sniffing”. Not true! In this section, we are going to cover another way Jane could have captured the data. We will continue to use Wireshark but now we will make use of another free tool called Ettercap.

Before we get into the details, we need to talk more about Ethernet switches and how they behave. There is a special Ethernet packet called an Ethernet Broadcast packet. This packet is supposed to be received by all nodes. In other words, it is not addressed to a specific device, but to all devices. Refer to Figure 11 - Switch Broadcast Behavior.
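
The broadcast behavior described above, as an added example that is not part of the HP document: a minimal model of how a switch decides which ports a frame leaves on. The port numbers and MAC addresses are constructed, and the unicast learning rule is standard switch behavior that this page has not yet described.

```python
import struct

BROADCAST = b"\xff" * 6  # destination ff:ff:ff:ff:ff:ff means "all nodes"


def parse_eth_header(frame: bytes):
    """Return (dst, src, ethertype) from the 14-byte Ethernet II header."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    return struct.unpack("!6s6sH", frame[:14])


class LearningSwitch:
    """Simplified model: one table mapping source MAC -> port last seen on."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}

    def forward(self, in_port, frame):
        """Return the list of ports the frame is sent out of."""
        dst, src, _ = parse_eth_header(frame)
        if not src[0] & 1:                 # learn only unicast sources
            self.mac_table[src] = in_port
        everyone_else = [p for p in self.ports if p != in_port]
        if dst == BROADCAST or dst[0] & 1:  # broadcast or multicast group bit
            return everyone_else            # delivered to all other ports
        out = self.mac_table.get(dst)
        if out is None:                     # destination not learned yet
            return everyone_else
        return [] if out == in_port else [out]


def demo():
    # Constructed sample: MFP on port 1, a PC on port 2, conference room on 3.
    mfp = bytes.fromhex("00005e005301")    # documentation-range MACs
    pc = bytes.fromhex("00005e005302")
    sw = LearningSwitch([1, 2, 3])
    arp_request = BROADCAST + pc + b"\x08\x06"  # PC broadcasts (ARP ethertype)
    reply = pc + mfp + b"\x08\x00"              # MFP answers the PC directly
    return sw.forward(2, arp_request), sw.forward(1, reply)


if __name__ == "__main__":
    broadcast_ports, unicast_ports = demo()
    print("broadcast leaves on ports:", broadcast_ports)
    print("unicast leaves on ports:  ", unicast_ports)
```

The broadcast reaches the conference-room port as well as the MFP, while the unicast reply goes only to the port where the PC was learned.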