Network Sniffing Basics

Question 1

Promiscuous Mode

Answer 1

Accept packets not intended for your host

Question 2

Sniffing Tools

Answer 2

Wireshark
tcpdump
Various mobile apps
Hardware Sniffers (Network taps)

Question 3

Types of Sniffing

Answer 3

Passive

Active

Question 4

Define Passive Sniffing

Answer 4

Receiving only

Question 5

Define Active Sniffing

Answer 5

Manipulate network to route additional information to the sniffer

Question 6

Explain the CAM table

Answer 6

Content Address Memory table, stores MAC addresses on the switch, VLAN ID, port, mode

Question 7

Explain a CAM attack

Answer 7

Flooding a CAM table to cause fail over to default learning mode like a hub

Question 8

Explain Switch Port Stealing

Answer 8

Fool the switch into thinking a host is on a different port

Question 9

Switch Port Stealing Methods

Answer 9

Spoofing
Flooding
Poisoning

Question 10

MAC Spoofing Tools

Answer 10

macchanger

technitium

Question 11

Define VLAN Hopping

Answer 11

Jumping into a VLAN other than expected VLAN

Question 12

Define Double Tagging

Answer 12

Utilize multiple 802.1q Tags

Question 13

Define STP Attacks

Answer 13

Spanning Tree Protocol attacks, takes over root bridge to acquire all traffic