People's Public Security University of China
Chinese people’ public security university
cyber countermeasures
experimental report
| Experiment 2 |
| Network Sniffing and Spoofing |
| student name |
Li Yuchen |
| grade |
Class of 2015 |
| District team |
District One |
| mentor |
Takami |
School of Information Technology and Cyber Security
May 2 , 2018 _ _ _
General outline of experimental tasks
20 1 7 —20 1 8th semester 2nd semester _
1. The purpose of the experiment
1. Deepen and digest the teaching content of this course, and review the Internet search skills, methods and techniques learned;
2. Understand and be familiar with common network sniffing methods, master the use of common packet capture software and filtering skills, and be able to analyze basic network behaviors for a given data packet; master the basic principles of ARP spoofing and DNS attack methods based on ARP spoofing;
3. To achieve the purpose of consolidating course knowledge and practical application.
2. Experimental requirements
1. Carefully read the content of each experiment. For topics that require screenshots, clear screenshots should be taken and the screenshots should be marked and explained.
2. The document requires a clear structure, accurate graphic and textual expression, and standardized labeling. The reasoning content is objective, reasonable and logical.
3. Software tools can use office2003 or 2007, CAIN, Wireshark, etc.
4. After the experiment is over, keep the electronic documentation.
3. Experimental steps
1. Prepare
Prepare for the experiment in advance. Before the experiment, you should have a detailed understanding of the experimental purpose, experimental requirements and experimental content, be familiar with and prepare the software tools for the experiment, and prepare the experimental content in advance according to the experimental content and requirements.
2. lab environment
Describe the hardware and software environment (including various software tools) used in the experiment;
Power on and start the software office2003 or 2007, browser, Wireshark, CAIN.
3. experiment procedure
1) Start the system and start the tool software environment.
2) Use software tools to realize the experimental content.
4. experimental report
Write the experimental report according to the unified required experimental report format. Embed the document written according to the template format into the experimental report document, the document should be written according to the prescribed writing format, and the tables should have tables and graphs and pictures.
ARP spoofing
Then stop capturing packets
filter out ftp
Click to track data flow, you can see the FTP login process in the data package
filter tcp, then find packets with byte data
Click to track data flow
save on desktop
