Information security technology experiment: network sniffing and deception

1. Purpose of the experiment

1. Understand the principle of data sniffing, the process of protocol encapsulation, and the use of typical sniffing tools.
2. Methods to obtain sensitive data during network transmission;
3. Understand the concept of host scanning and be able to use tools to scan hosts.

2. Experimental content and design ideas

The principle of sniffing FTP is a protocol for file transfer. Based on different operating systems, there are different FTP applications, and these applications all follow the same protocol to transfer files. Telnet is a protocol commonly used in network connections. It usually uses plain text for data transmission, and can capture user names and passwords by sniffing. Wireshark is a network packet analysis software. Its main function is to capture network packets and display the most detailed network packet information as possible. Wireshark uses Winpcap as an interface to directly exchange data packets with the network card.

3. The experimental environment (the platform and related software used in this experiment)

4. Experimental steps and debugging process

First open the Telnet service in the computer

In this process, all other services in the dependency relationship must be opened to open the Telnet service

Then open the Telnet service

Enter ipconfig on the command line to find the local ip address (this machine is: 210.34.138.90, the address to be connected is 210.34.138.89)

Then create an account locally (account: lct, password: 123)

Try to connect to the computer next door (ip: 210.34.138.89), the connection is successful

Operate through the packet capture tool, filter out the data under the Telnet service, and successfully capture the account number and password data (account: lct, password: 123)

5. Experimental summary

通过本次实验,对网络嗅探与欺骗有了更进一步的理解,意识到了网络安全的重要性,为以后的学习奠定了基础。