Skip to main content

What is Ettercap ?


Image result for what is ettercapEttercap is a tool made by Alberto Ornaghi (ALoR) and Marco Valleri (NaGA) and is basically a suite for man in the middle attacks on a LAN.
It supports active and passive dissection of many protocols and includes many features for network and host analysis.
It is capable of intercepting traffic on a network segment, capturing passwords, and conducting active eavesdropping against a number of common protocols.
  Ettercap is a free and open source network security tool for man-in-the-middle attacks on LAN.
It can be used for computer network protocol analysis and security auditing.
It runs on various Unix-like operating systems including Linux, Mac OS X, BSD and Solaris, and on Microsoft Windows.
It is capable of intercepting traffic on a network segment, capturing passwords, and conducting active eavesdropping against a number of common protocols.
  Ettercap uses four models:
  IP: The packets are filtered based on source and destination.
MAC: Packet filtering based on MAC address.
ARP: ARP poisoning is used to sniff/hijack switched LAN connections (full-duplex).
Public ARP: ARP poisoning is used to allow sniffing of one host to any other host.
  _________________________
Labels:

Comments

Post a Comment

Popular posts from this blog

What is Port (computer networking)

In the internet protocol suite, a port is an endpoint of communication in an operating system. While the term is also used for female connectors on hardware devices (see computer port), in software it is a logical construct that identifies a specific process or a type of network service. A port is always associated with an IP address of a host and the protocol type of the communication, and thus completes the destination or origination network address of a communication session. A port is identified for each address and protocol by a 16-bit number, commonly known as the port number. For example, an address may be 'protocol: TCP, IP address: 1.2.3.4, port number: 80', which may be written 1.2.3.4:80 when the protocol is known from context. Specific port numbers are often used to identify specific services. _________________________
Post a Comment
Read more

What is a localhost ?

In computer networking, localhost is a hostname that means this computer. It is used to access the network services that are running on the host via its loopback network interface. Using the loopback interface bypasses any local network interface hardware. The local loopback mechanism is useful for testing software during development, independently of any networking configurations. For example, if a computer has been configured to provide a website, directing a locally running web browser to http://localhost may display its home page. On most computer systems, localhost resolves to the IP address 127.0.0.1, which is the most commonly used IPv4 loopback address, and to the IPv6 loopback address. _________________________
Post a Comment
Read more

What is Back Door?

A back door is generally a piece of code intentionally left by the developer of the software or firmware that allows access without going through the normal security process. Back doors may also be the result of different malware/virus attacks that leave a method for remote, unsecured access into a device once the malicious code has been executed. _________________________
Post a Comment
Read more