Universiti Teknologi Malaysia Institutional Repository

Security awareness: A lesson from Tcpdump and Ethereal

Rohani, Mohd Fo’ad and Maarof, Mohd Aizaini and Selamat, Ali (2005) Security awareness: A lesson from Tcpdump and Ethereal. In: Proceedings of the Postgraduate Annual Research Seminar 2005 (PARS 05), 17 – 18 May 2005, FSKSM, UTM.

[img]
Preview
PDF
595Kb

Abstract

Ethernet has survived for several decades as essential media for LAN technology because of its relative inexpensive and reasonably fast. Shared Ethernet uses broadcast technology where CSMA/CD acts as medium access control. CSMA/CD deploys principle of media sharing and the drawback is promiscuous mode, whereby network interface device could intercept all packet frames that traveling on the wire. This has a significant impact on the security of Internet application. HTTP, FTP, E-MAIL and TELNET are daily applications, which offer secure transaction or unsecured transaction. However, users do not aware of the security provided by the services. They usually use unsecured transaction because of simplicity or unaware of security awareness. This behavior is vulnerable to packet-sniffing tools, such as sniffit, tcpdump and ethereal. These tools could intercept the traveling packet and extract sensitive information, such as user login and password or unencrypted data payload. This paper explores network security awareness from the perspective of packet-sniffing tools over unsecured application. The study uses tcpdump and ethereal, which are two of the most popular packet-sniffing tools. From the experiment, it is shown that vital information, such as login and password, could be compromised easily from the packet if users do not consider security awareness seriously.

Item Type:Conference or Workshop Item (Paper)
Uncontrolled Keywords:Security Awareness, Tcpdump, Ethereal, Internet Secured Transaction
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System (Formerly known)
ID Code:5608
Deposited By: PM Mazleena Salleh
Deposited On:28 May 2008 00:21
Last Modified:01 Jun 2010 15:32

Repository Staff Only: item control page