Rohani, Mohd Foâ€™ad and Maarof, Mohd Aizaini and Selamat, Ali (2005) Security awareness: A lesson from Tcpdump and Ethereal. In: Proceedings of the Postgraduate Annual Research Seminar 2005 (PARS 05), 17 â€“ 18 May 2005, FSKSM, UTM.
Ethernet has survived for several decades as essential media for LAN technology because of its relative inexpensive and reasonably fast. Shared Ethernet uses broadcast technology where CSMA/CD acts as medium access control. CSMA/CD deploys principle of media sharing and the drawback is promiscuous mode, whereby network interface device could intercept all packet frames that traveling on the wire. This has a significant impact on the security of Internet application. HTTP, FTP, E-MAIL and TELNET are daily applications, which offer secure transaction or unsecured transaction. However, users do not aware of the security provided by the services. They usually use unsecured transaction because of simplicity or unaware of security awareness. This behavior is vulnerable to packet-sniffing tools, such as sniffit, tcpdump and ethereal. These tools could intercept the traveling packet and extract sensitive information, such as user login and password or unencrypted data payload. This paper explores network security awareness from the perspective of packet-sniffing tools over unsecured application. The study uses tcpdump and ethereal, which are two of the most popular packet-sniffing tools. From the experiment, it is shown that vital information, such as login and password, could be compromised easily from the packet if users do not consider security awareness seriously.
|Item Type:||Conference or Workshop Item (Paper)|
|Uncontrolled Keywords:||Security Awareness, Tcpdump, Ethereal, Internet Secured Transaction|
|Subjects:||Q Science > QA Mathematics > QA75 Electronic computers. Computer science|
|Divisions:||Computer Science and Information System|
|Deposited By:||PM Mazleena Salleh|
|Deposited On:||28 May 2008 00:21|
|Last Modified:||01 Jun 2010 15:32|
Repository Staff Only: item control page