Nw sniffing project
You can get this project in a very 2 easy simple steps:
1.select the project titles.
2.pay for the project that's it......easy...
- ProJect abstract
- System requirement
- existing & proposed
Network sniffer is a method of determining the available services on a computer by sending packets. It is generally viewed as a reconnaissance activity or information gathering phase distinct from the attack phase. This implies that there will be a gap between the scan and the attack. But there are no technical reasons for separating the reconnaissance activity with the attack phase when fast propagation is a key consideration. This can be achieved with an integrated scan and exploit tool. There is a trade between speed and stealth of the scanning activity.
The motivation of the attacker dictates the choice between speed and stealth. Fast propagation is a kind of brute force scan/attack and is easily detected by the target network security personnel. Some scanning activity is immediately followed by an attack. This is probably to take advantage of zero day exploits. A listening service on a network host is referenced by the combination of its host IP address and the bound port number. A port is a logical address on a machine. There are 65,536 TCP and 65,536 UDP ports on a machine. These are split into three ranges by the Internet Assigned Numbers Authority (IANA)
A port scan may be the precursor to an actual attack, so it is essential for the network administrator to be able to detect it when it occurs. A simple port scan by itself does not harm the host as it concentrates on the Well Known Ports, and is done in a sequential manner. If, on the other hand, enough such simultaneous connect attempts are made, the host's resources may get exhausted and its performance adversely acted, as the connection state has to be maintained.
In order to detect and prevent port scanning, various Intrusion Detection/Prevention System (IDS/IPS) are used. IDS/IPS identics multiple connection request son ports from a single host and automatically blocks the corresponding IP address. The best example of this kind of IDS/IPS is Snort. Distributed port scanning is used to evade detection and avoid the corresponding black listing of the source machine by the target host/network
Existing System :
In network sniffer, attackers scan a number of listening ports on the victim host. This method guarantees that all known vulnerabilities to attackers on the victim host can be discovered, i.e., there is no false negative. However, an exhaustive search is time-consuming. On the other hand, in a port sweep, attackers scan a particular port on the large number of victim hosts. Port sweep can reduce the size of search space significantly, but could ignore vulnerabilities on un-searched ports. It is clear that the optimal strategy is to scan only the common or vulnerable ports. Such strategy is difficult to achieve in practice. It is not uncommon to find attackers that employ a combination of both methods.
Proposed System :
Most network attackers perform port scanning individually, without synchronization, to find victim hosts. Such port scanning schemes suffer from two problems: first, there are too many duplicate scanning’s and too much contention among different port scanners; second, a complete port scanning takes a long time to finish.
At present a fast DHT-based collaborative port scanning scheme that aims to eliminate duplicate scanning, minimize contention, and significantly increase the scanning speed. In collaborative attacks, attackers communicate and collaborate with each other to launch much more powerful attacks.