7.10 Sniffing Pen Testing
- A sniffing pen test checks whether data transmitted from an organization is secure from sniffing and interception attacks.
- A sniffing pen test helps administrators to:
  - Audit the network traffic for malicious content.
  - Implement security mechanisms such as SSL and VPN to secure the network traffic.
  - Identify rogue sniffing applications in the network.
  - Discover rogue DHCP and DNS servers in the network.
  - Discover the presence of unauthorized networking devices.
- Step 1: Perform MAC Flooding Attack
  - Perform a MAC flooding attack using tools such as Yersinia and macof.
- Step 2: Perform DHCP Starvation Attack
  - Perform a DHCP starvation attack using tools such as Dhcpstarv and Yersinia.
- Step 3: Perform Rogue Server Attack
  - Perform a rogue server attack by running a rogue DHCP server in the network and responding to DHCP requests with bogus IP addresses.
- Step 4: Perform ARP Poisoning
  - Perform ARP poisoning using tools such as Cain & Abel, WinArpAttacker, Ufasoft Snif, etc.
- Step 5: Perform MAC Spoofing
  - Perform MAC spoofing using tools such as SMAC.
- Step 6: Perform IRDP Spoofing
  - Perform IRDP spoofing by sending spoofed IRDP router advertisement messages.
- Step 7: Perform DNS Spoofing
  - Perform DNS spoofing using techniques such as arpspoof/dnsspoof.
- Step 8: Perform Cache Poisoning
  - Perform cache poisoning by sending a Trojan to the victim's machine that changes the proxy server settings in IE to those of the attacker, thus redirecting the victim to a fake website.
- Step 9: Perform Proxy Server DNS Poisoning
  - Perform proxy server DNS poisoning by running a rogue DNS server.
- Step 10: Document all the Findings
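
A defender-side check for two of the conditions these steps test for (the rogue DHCP server of Step 3 and the ARP poisoning of Step 4), given as an added example that is not part of the original notes. The observation records, addresses and the DHCP allowlist are constructed sample data, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample observations (not captured from a real network).
# ARP replies seen on the wire: (timestamp, sender IP, sender MAC)
ARP_REPLIES = [
    (1.0, "10.0.0.1", "aa:aa:aa:aa:aa:01"),
    (2.0, "10.0.0.20", "aa:aa:aa:aa:aa:20"),
    (3.0, "10.0.0.1", "de:ad:be:ef:00:99"),   # gateway IP now maps to a new MAC
    (4.0, "10.0.0.20", "AA-AA-AA-AA-AA-20"),  # same host, different notation
    (5.0, "10.0.0.30", "de:ad:be:ef:00:99"),  # same MAC also answers for .30
]
# DHCP OFFER messages seen: (server identifier IP, server MAC)
DHCP_OFFERS = [
    ("10.0.0.2", "aa:aa:aa:aa:aa:02"),
    ("10.0.0.66", "de:ad:be:ef:00:99"),
]
AUTHORIZED_DHCP = {("10.0.0.2", "aa:aa:aa:aa:aa:02")}  # assumed allowlist

def norm_mac(mac):
    """Normalise MAC notation so 'AA-BB-..' and 'aa:bb:..' compare equal."""
    return mac.lower().replace("-", ":")

def arp_conflicts(replies):
    """Return IPs whose MAC binding changed, and MACs claiming several IPs."""
    ip_to_macs, mac_to_ips = defaultdict(list), defaultdict(set)
    for _ts, ip, mac in sorted(replies):
        mac = norm_mac(mac)
        if mac not in ip_to_macs[ip]:
            ip_to_macs[ip].append(mac)
        mac_to_ips[mac].add(ip)
    changed = {ip: macs for ip, macs in ip_to_macs.items() if len(macs) > 1}
    multi = {mac: sorted(ips) for mac, ips in mac_to_ips.items() if len(ips) > 1}
    return changed, multi

def rogue_dhcp(offers, authorized):
    """Return DHCP servers that sent an OFFER but are not on the allowlist."""
    allowed = {(ip, norm_mac(mac)) for ip, mac in authorized}
    seen = {(ip, norm_mac(mac)) for ip, mac in offers}
    return sorted(seen - allowed)

if __name__ == "__main__":
    changed, multi = arp_conflicts(ARP_REPLIES)
    print("IP bindings that changed:", changed)
    print("MACs answering for several IPs:", multi)
    print("Unauthorized DHCP servers:", rogue_dhcp(DHCP_OFFERS, AUTHORIZED_DHCP))
```

A MAC that answers for several IPs can be legitimate (a multi-homed host or proxy ARP), so treat that result as a lead to verify against the asset inventory before recording it as a finding.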