Nt1310 Unit 1.3 Study Guide

1.3 Discussion Questions

1. Does a network interface on a sniffer machine require an IP address?
   - No, the sniffer doesn't require an IP address; it wants to remain invisible to the other machines in order to intercept messages undetected.
2. In what mode does a sniffer's network interface operate?
   - The sniffer operates in promiscuous mode.
3. How do you determine available switches for tcpdump?
   - The command --help shows the switches.
4. How can you display all of the network interfaces in Linux?
   - The command ifconfig -a views all the available interfaces on the system.

2.3 Discussion Questions

1. Do FTP usernames and passwords appear in clear text?
   - They do when intercepted by Wireshark on the Linux sniffer.
2. How do you choose the interface to capture on within Wireshark?

3. How do you filter for a certain protocol within the Wireshark program?
   - There is a filter bar at the top which you type into, for example ftp.
4. How do you open the Wireshark program from the terminal in Linux?
   - Type Wireshark into the root@bt bar.

3.3 Discussion Questions

1. What kind of tool is Network Miner?
   - Network Miner is a network forensic analysis tool, which can capture images and files.
2. On what operating systems will the Network Miner program run?
   - It runs on Windows operating systems.
3. How do you parse out web pages of visited sites in Network Miner?
   - You go to the files tab and then open the available information there.
4. What needs to be configured within Network Miner prior to capturing data?
   - The network adapter needs to be configured to the right network

