i dont if any one knows how to use cain and abel to sniff external networks
i tried to carry out ethical penetration testing on the my company external network. i only get the IPs of our company, i dont know what to do. but can't i dont if it is possible to do that with cain and able tool
i will grateful for any infos this.
thanks
How to use Cain and Abel tool to sniff external networks?
-
Still_Learning
- Fame ! Where are the chicks?!
- Posts: 1040
- Joined: 11 Jun 2008, 16:00
- 15
- Location: Trigger City
-
bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
yeah, I also recommend to use Wireshark, simply because it's specialized in packet capturing and the choice of professional (at least I never heard of a serious network admin that uses Cain for such issues).
analyzing the traffic is also much better with Wireshark because it offers much more features:
http://www.wireshark.org/
I don't know the topography of your company network, but sniffing packets in promiscuous mode only works when hubs are used or direct connections exist, routers and switches usually make sniffing impossible (if configured properly), because the packets are transfered really only to the destination NIC (and not to every box like via hubs).
analyzing the traffic is also much better with Wireshark because it offers much more features:
http://www.wireshark.org/
I don't know the topography of your company network, but sniffing packets in promiscuous mode only works when hubs are used or direct connections exist, routers and switches usually make sniffing impossible (if configured properly), because the packets are transfered really only to the destination NIC (and not to every box like via hubs).
Well vmware, this sounds like it might be your first time too.
I am not being rude but I am trying to do two things:
1. Keep you from getting a 5 year felony charge, or at least not lose your ISP.
2. Promote ethical hacking
If your company's servers are being hosted by a third party company you are messing with _their_ network and they can get upset. The company could be 'renting' servers from another company - hence the network is not theirs to scan or fux with.
Before you start pen-testing you want to first do a 'fingerprint' of the company network. During the process you will write down what services are running i.e. email- port 25, 110, webhosting - port 80, maybe even FTP 21, MySQL, etc. You also write down what version of software they are using - this is important - because then you will search for exploits related to that software and version. If you have no idea what to do to perform a basic 'fingerprint' of a network, you need to learn the basics before you start playing with scanners.
Certain tools are only good for what they are intended for, I prefer Cain&Able only when I have physical access to the local network. Trying to use a packetsniffer or that app does not work when you are trying to use the internet to get inside the local network.
A good Pen-Test report will include a lot of the boring stuff like what computers and devices are on the network, what programs and versions they have, and how they connect to each other. The exploit research lets them know if they need to upgrade or patch their stuff. You can exploit different areas of the network, the mail system, the databases, the web services. You can attack desktops, routers, or servers. But if you don't have a fingerprint, you haven't got a clue.
If you are just doing this on your own, you can risk getting fired for unauthorized access to a computer or network. If you are just trying to learn something, build your own network or go to school for a computer lab.
Good luck!
DNR
Doing a pen-test is more than just running a sniffer or vuln scanner on your company's IP. Are the company's servers being hosted by a third party? If you don't know this answer you shouldn't be scanning anything. Have you done a Whois on the IPs?I tried to carry out ethical penetration testing on the my company external network. i only get the IPs of our company, i dont know what to do
I am not being rude but I am trying to do two things:
1. Keep you from getting a 5 year felony charge, or at least not lose your ISP.
2. Promote ethical hacking
If your company's servers are being hosted by a third party company you are messing with _their_ network and they can get upset. The company could be 'renting' servers from another company - hence the network is not theirs to scan or fux with.
Before you start pen-testing you want to first do a 'fingerprint' of the company network. During the process you will write down what services are running i.e. email- port 25, 110, webhosting - port 80, maybe even FTP 21, MySQL, etc. You also write down what version of software they are using - this is important - because then you will search for exploits related to that software and version. If you have no idea what to do to perform a basic 'fingerprint' of a network, you need to learn the basics before you start playing with scanners.
Certain tools are only good for what they are intended for, I prefer Cain&Able only when I have physical access to the local network. Trying to use a packetsniffer or that app does not work when you are trying to use the internet to get inside the local network.
A good Pen-Test report will include a lot of the boring stuff like what computers and devices are on the network, what programs and versions they have, and how they connect to each other. The exploit research lets them know if they need to upgrade or patch their stuff. You can exploit different areas of the network, the mail system, the databases, the web services. You can attack desktops, routers, or servers. But if you don't have a fingerprint, you haven't got a clue.
If you are just doing this on your own, you can risk getting fired for unauthorized access to a computer or network. If you are just trying to learn something, build your own network or go to school for a computer lab.
Good luck!
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.