Merabi Takashvili MC650 Chapter4 Detailed Assignment
Merabi Takashvili MC650 Chapter4 Detailed Assignment
Merabi Takashvili MC650 Chapter4 Detailed Assignment
Chapter 4
Name: Merabi Takashvili
Module: 4
Chapter: 4
Answers to Questions
• Linux: On Linux, the libpcap library is used for packet capture. It enables tools like
tcpdump and Wireshark to capture network traffic by putting the NIC in promiscuous mode,
capturing all packets in the broadcast domain.
• Telnet: Telnet is used for remote command-line access, but it transmits all data, including
passwords, in plaintext, making it highly vulnerable to sniffing attacks.
• FTP (File Transfer Protocol): Like Telnet, FTP sends files and login credentials in plaintext,
allowing attackers to capture and read sensitive data during transmission.
- Linux: Use "ip neigh" or "arp -n" to display the ARP cache.
- Windows: Use "arp -d *" to delete all entries in the ARP cache.
- Linux: Use "ip -s -s neigh flush all" to clear the ARP cache.
6. Gratuitous ARP:
Gratuitous ARP is an ARP message sent without a request. It allows a device to announce its
IP and MAC address mapping to update other devices' ARP caches. It is used to prevent IP
conflicts and in network failover scenarios.
• Passive Sniffing: Involves listening to the network traffic without modifying it. Works in
hubs or non-switched networks where traffic is broadcast to all devices, making it less
detectable.
8. MAC Flooding:
MAC flooding is an attack that overwhelms a switch with fake MAC addresses, causing the
switch to operate as a hub. As a result, all network traffic is sent to all devices, allowing the
attacker to capture and sniff all traffic.
9. DHCP Starvation:
DHCP Starvation is a denial-of-service attack where an attacker floods a DHCP server with
fake requests, exhausting its pool of available IP addresses. This prevents legitimate users
from obtaining IP addresses and connecting to the network. It can be used in conjunction
with a rogue DHCP server for further attacks.
10. Honeypot:
A honeypot is a decoy system designed to attract attackers by simulating vulnerable
systems. It is used for research, detection, and diverting attackers from real systems.
Honeypots provide valuable insights into attack methods and behavior without
compromising actual systems.