Difference between revisions of "Nick Apseloff"

From WLCS
 
(199 intermediate revisions by 4 users not shown)
Line 1: Line 1:
==Goals==
+
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
<!--DO NOT EDIT MY PAGE-->
 +
[[Image:Cat_5.jpg|border|200px|right]]
  
===<u>1st Quarter</u>===
+
My name is <b>Nick Apseloff</b>, (pronounced /ˈæpsəlˌɒff/) and this is my wiki for [http://www.paulbui.net/ Mr. Bui's] advanced topics class.
  
'''1.''' Set up a small network of 3 computers using a hub. '''[X]'''
 
  
'''2.''' Use a [http://en.wikipedia.org/wiki/Packet_sniffer packet sniffer] to capture messages sent from one computer to another on the network. '''[X]'''
+
<b>Documentation:</b>
  
'''3.''' Research network security and vulnerabilities and document findings. '''[ ]'''
+
[http://paulbui.net/wl/Nick_Apseloff_1st_Quarter 1st Quarter]
  
==Documentation==
+
[http://paulbui.net/wl/Nick_Apseloff_2nd_Quarter 2nd Quarter]
  
===<u>1st Quarter</u>===
+
==See also==
 
+
*[[Advanced Topics]]
====Goal 1====
+
*[[Willie Stehm]]
AJ McLennan, Willie Stehm, and I set up a network of 3 computers. We first installed Xubuntu (a Linux distribution) on each machine and then networked them together using ethernet cables and a hub.
+
*[[AJ McLennan]]
 
 
====Goal 2====
 
We initially tried to get the program 'talk' working on the machines so we could easily send messages between two of the computers in an attempt to view the packets transmitted on the third computer, but after a few days of trying to get it to work, we settled on using Pidgin (a messenger client that is compatible with AOL Instant Messenger).
 
 
 
We then downloaded a packet sniffer called 'Wireshark' and ran it on one of the computers.  On AJ's computer, he signed onto AOL Instant Messenger using his own screen name.  By changing the display filter of the packet sniffer to only show AIM packets, we were able to see his screen name when he logged on.  It was difficult to decipher which packets corresponded to what he was doing, but after getting familiar with the descriptions of the packets it was easy to pick out the ones that were messages.  We were able to read outgoing and incoming messages as well as buddy info that the other computer was viewing.
 
 
 
On Willie's computer, I typed in a random password to sign on just so I could see if we could view the password sent to AOL.  Not surprisingly, we found the packet sent to AOL and the password was not sent in plain text; it was sent as a password hash using the MD5 algorithm, short for [http://en.wikipedia.org/wiki/Md5_Hash Message-Digest algorithm 5].  This algorithm uses a one way hash function (one way meaning that the function cannot be reversed) that translates the password to a 128-bit hash value (32 characters consisting of 0-9 and a-f).  The purpose of the password hash is to prevent exactly what we were trying to do.  We successfully sniffed the packet that contained the password sent, but all we got was the following irreversible password hash: '''51e3ed91700bee528a11e333ab25e6d2'''.  In Layman's terms, when you type in a password to sign into something, the password gets jumbled up into random letters and numbers before being sent, so anyone trying to steal your password by sniffing your packets will not be able to, or at least have a very difficult time doing so.  It is theoretically possible to recover a plain text password from an MD5 password hash using a [http://en.wikipedia.org/wiki/Rainbow_table rainbow table], but this is not an easy process by any means.
 
 
 
The reason that this packet sniffing worked was because we were using a hub, rather than a switch, to connect our computers in the network.  Hubs broadcast the packets sent by one computer to all ports, so  viewing the packet activity of another computer is quite simple.  On the other hand, switches send the packets to ''only'' the desired port, so others on the network cannot listen in on your traffic.  Switches have replaced hubs almost entirely because of this blatant security flaw, but hubs are still used in some situations such as where security is not a necessity.
 
 
 
:[[Image:Hub_switch.bmp]]
 
 
 
::''Above is a graphic I created showing how with a hub, packets are broadcasted to every port, while a switch sends packets to only a specified port.  Each number represents a computer on the network.''
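
Review bot: the `<!--DO NOT EDIT MY PAGE-->` line added at the top of the new revision is repeated on every added line down to the image, and an HTML comment is only visible in the edit box; it does not stop anyone from saving a change. One copy carries the same message, and if edits to the page really need to be prevented, that is done with page protection by a wiki administrator rather than with markup. The old side of this hunk also held the Goals list and the Goal 1 and Goal 2 write-ups, which the latest revision replaces with links to the 1st Quarter and 2nd Quarter pages, so confirm the packet-sniffing documentation is present on those pages before it is dropped from here.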
 

Latest revision as of 19:24, 20 June 2011

My name is Nick Apseloff, (pronounced /ˈæpsəlˌɒff/) and this is my wiki for Mr. Bui's advanced topics class.


Documentation:

1st Quarter

2nd Quarter

See also