domingo, 27 de noviembre de 2011

Wireshark


Ok, in the last publications many people talk about encrypt, security, pings, and other, but we need to know a some tools that can help to want vulnerabilities in ours network, for example the information that we send and pass to the modem or other computer, this information is encrypt or go visible? or how many package we send and what package we send.


For this things have a many tools for example, nmap (this help to know the network, ports, information of the computer connected in the local network), aircrack (help to decrypt the key of the router or modem), kismet (help to put the network card in mode monitor "sniff"), wireshark(sniff packages).


But and talk about wireshark, is a tool using to make testing in the network


We can download putting in terminal sudo apt-get install wireshark


Then we run in mode administrator (sudo)


Then we go in Interface List and choose wlan0
Next the program open a window showing the package that was sending
Then of a little time, we stop the program.
Stop listening and you will see the information, for example where is the place to go and what your destination.

If we click on one of them we will display all your specific information,which is where you used that port, protocol, etc.
Also what can be done is that you give and give it the 2nd buttonFollo TCP Stream and teach you the information being sent.
If we try to read it, we can not, as many times this is encrypted, so you will not see, rather than the odd line.

But now we know how this works, seen with the previous, so we can implement any tool or program to unzip us the information. For this too has wireshark decryption tool, it is a matter of us to choose which is the indicaga as they deal with different protocols. To facilitate thiswe can also set filters, that is which at a certain port and ip.

1 comentario:

  1. Esto sube a N3P por 2 y libera a Gaby de su compromiso dona.

    ResponderEliminar