IDS AND IPS

WIRESHARK

Wireshark – www.wireshark.org

Examination of HTTP requests, cookies, web-based forms, and Flash Video Files (FLV).

Network Protocol Analyzer

Wireshark is open source.

Available for the following operating systems:

Windows

Linux

Unix / Apple macOS (Macintosh)

Browser Configuration:

Set the browser to open a blank page first

Purpose: to isolate the packets desired for examination (no unrelated traffic from a start page)

Capture

Interfaces

Identify the interface and its corresponding IP address

Click on Start on the right-hand side of the Interface section

Test Websites:

www.httprecipes.com (Heaton Research)

www.httprecipes.com/1/2/cookies.php (Heaton Research)

www.httprecipes.com/1/2/forms.php (Heaton Research)

Start Capture

Stop Capture

Filter:

Expression:

Click on the protocol button to sort protocols alphabetically

Scroll down the expression list

Select HTTP

Select the Apply button

View hits

Select the Clear button

Filter Text box:

As the protocol name is typed, the background of the text box is pink and/or red

The purpose of this colouring is to show whether the typed protocol name is recognised as a valid filter

Typing is case sensitive: all upper case (e.g. HTTP instead of http) will return an invalid filter

Examine Cookies:

Cookies:

Cookie exchange requires that each side send a pseudorandom number, the cookie, in the initial message, which the other side acknowledges.

The cookie must depend on the specific parties.

It must not be possible for anyone other than the issuing entity to generate cookies that will be accepted by that entity.

The cookie generation and verification methods must be fast, to thwart attacks intended to exhaust processor resources.

Once the cookie has been set in the browser, the browser must echo the cookie with each subsequent request.

Search for the HTTP POST command

Web Forms:

Provide a means for an end user to enter data into a web browser.

Data packets transferred through these forms can be captured by a network analyzer; over plain HTTP the field values are visible in the capture.

Identify Passwords:

Filter down to HTTP requests

Locate the POST command

Analyze > Follow TCP Stream to view the full request, including the form body
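A worked example, added here and not part of the course notes: it parses the client side of a reconstructed TCP stream (a constructed HTTP POST; the host, cookie names and form field names are assumptions) the way an analyst reads the Follow TCP Stream window, returning the Cookie header and the form fields, with any credential field that travelled in cleartext reported but redacted.

```python
# Added example: parse a reconstructed HTTP request as shown by Wireshark's
# "Follow TCP Stream", pull out the Cookie header and POST form fields, and
# flag credential fields sent in cleartext. Sample bytes are constructed.
from urllib.parse import parse_qsl

# Constructed sample of a login form submitted over plain HTTP.
# Hostname, cookie names and field names are assumptions for the demo.
SAMPLE_STREAM = (
    b"POST /1/2/forms.php HTTP/1.1\r\n"
    b"Host: www.httprecipes.com\r\n"
    b"Cookie: PHPSESSID=abc123; theme=dark\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 28\r\n"
    b"\r\n"
    b"uid=jsmith&pwd=Winter2024%21"
)

# Field names commonly used for passwords (heuristic, case-insensitive).
CREDENTIAL_FIELDS = {"pwd", "pass", "password", "passwd", "secret"}

def parse_http_request(stream: bytes) -> dict:
    """Split a raw HTTP/1.x request into request line, headers and body."""
    head, _, body = stream.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, path, version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    # Honour Content-Length so any later bytes in the stream are not read as body.
    length = int(headers.get("content-length", len(body)))
    return {"method": method, "path": path, "version": version,
            "headers": headers, "body": body[:length]}

def parse_cookies(header: str) -> dict:
    """Cookie request header format is 'name=value; name2=value2'."""
    cookies = {}
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            cookies[name] = value
    return cookies

def find_exposed_credentials(stream: bytes) -> dict:
    """Report cookies and form fields; credential values are redacted."""
    req = parse_http_request(stream)
    result = {"method": req["method"], "path": req["path"], "fields": {},
              "cookies": parse_cookies(req["headers"].get("cookie", "")),
              "exposed": []}
    ctype = req["headers"].get("content-type", "")
    if req["method"] == "POST" and ctype.startswith("application/x-www-form-urlencoded"):
        for name, value in parse_qsl(req["body"].decode("iso-8859-1")):
            if name.lower() in CREDENTIAL_FIELDS:   # cleartext credential seen
                result["exposed"].append(name)
                result["fields"][name] = "<redacted %d chars>" % len(value)
            else:
                result["fields"][name] = value
    return result

if __name__ == "__main__":
    print(find_exposed_credentials(SAMPLE_STREAM))
```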

SSDP = Simple Service Discovery Protocol

Part of the Internet Protocol Suite

Used to advertise and discover network services

Forms the basis of Universal Plug & Play (UPnP)

Described in an Internet Engineering Task Force (IETF) Internet Draft by Microsoft and Hewlett-Packard in 1999

Text-based protocol modelled on the Hypertext Transfer Protocol (HTTP/1.1) that utilizes the User Datagram Protocol (UDP) rather than TCP.