
Aim: Working with sniffers for monitoring network communication.

What is Wireshark?

Wireshark is a network packet analyzer. A network packet analyzer tries to capture network
packets and display the packet data in as much detail as possible.

Wireshark is a packet sniffer

• The basic tool for observing the messages exchanged between executing protocol entities is
called a packet sniffer.

• A packet sniffer itself is passive.

• It observes messages being sent and received by applications and protocols running on your
computer, but never sends packets itself. Similarly, received packets are never explicitly addressed
to the packet sniffer.

Some intended purposes

Here are some examples of what people use Wireshark for:

• Network administrators use it to troubleshoot network problems
• Network security engineers use it to examine security problems
• QA engineers use it to verify network applications
• Developers use it to debug protocol implementations
• People use it to learn network protocol internals

Features

The following are some of the many features Wireshark provides:

• Available for UNIX and Windows.
• Capture live packet data from a network interface.
• Open files containing packet data captured with tcpdump/WinDump, Wireshark, and a
number of other packet capture programs.
• Import packets from text files containing hex dumps of packet data.
• Display packets with very detailed protocol information.
• Save packet data captured.
• Export some or all packets in a number of capture file formats.
• Filter packets on many criteria.
• Search for packets on many criteria.
• Colorize packet display based on filters.
• Create various statistics.
• …and a lot more

Practical No: 2

Aim: Using GnuPG

GnuPG is a complete and free implementation of the OpenPGP standard as defined
by RFC4880 (also known as PGP). GnuPG allows you to encrypt and sign your data and
communications; it features a versatile key management system, along with access modules for
all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with
features for easy integration with other applications. A wealth of frontend
applications and libraries are available. GnuPG also provides support for S/MIME and Secure
Shell (ssh).

How Public Key Encryption Works


A problem that many users face is how to communicate securely and validate the identity of the
party they are talking to. Many schemes that attempt to answer this question require, at least at
some point, the transfer of a password or other identifying credentials, over an insecure medium.

Ensure That Only the Intended Party Can Read


To get around this issue, GPG relies on a security concept known as public key encryption. The
idea is that you can split the encrypting and decrypting stages of the transmission into two
separate pieces. That way, you can freely distribute the encrypting portion, as long as you secure
the decrypting portion.

This would allow for a one-way message transfer that can be created and encrypted by anyone,
but only be decrypted by the designated user (the one with the private decrypting key). If both of
the parties create public/private key pairs and give each other their public encrypting keys, they
can both encrypt messages to each other.

So in this scenario, each party has their own private key and the other user's public key.

Validate the Identity of the Sender


Another benefit of this system is that the sender of a message can "sign" the message with their
private key. The receiver can use the sender's public key to verify that the signature was
actually made by the indicated user.
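
Both properties described above (only the intended party can read, and the receiver can validate the sender) can be checked with GnuPG itself. The script below is an added example, not part of the original practical: it assumes GnuPG 2.2 or later, and the identities, example.org addresses, file names and function names are constructed for the demo.

```shell
# Added example: identities, addresses and file names are constructed.
# g: run gpg non-interactively on the keyring in $1. "--trust-model always" is a
# demo shortcut: in real use, verify key fingerprints out of band first.
g() {
    _home=$1; shift
    gpg --homedir "$_home" --batch --yes --quiet --no-tty \
        --pinentry-mode loopback --passphrase '' --trust-model always "$@"
}

# Two throwaway keyrings that exchange PUBLIC keys only. Alice then signs
# with her private key and encrypts to Bob's public key.
setup() {
    WORK=$(mktemp -d) && A=$WORK/alice && B=$WORK/bob || return 1
    mkdir -m 700 "$A" "$B" &&
    g "$A" --quick-generate-key 'Alice <alice@example.org>' default default never &&
    g "$B" --quick-generate-key 'Bob <bob@example.org>' default default never &&
    g "$A" --armor --export alice@example.org | g "$B" --import &&
    g "$B" --armor --export bob@example.org | g "$A" --import &&
    printf 'meet at noon\n' > "$WORK/msg.txt" &&
    g "$A" --local-user alice@example.org --recipient bob@example.org \
        --output "$WORK/msg.gpg" --sign --encrypt "$WORK/msg.txt"
}

# Bob decrypts with his private key; GOODSIG in the status output names the signer.
bob_reads() {
    st=$(g "$B" --status-fd 1 --output "$WORK/out.txt" --decrypt "$WORK/msg.gpg" 2>/dev/null) &&
    cmp -s "$WORK/msg.txt" "$WORK/out.txt" &&
    printf '%s\n' "$st" | grep -q '^\[GNUPG:\] GOODSIG .*<alice@example.org>$'
}

# Alice holds only Bob's PUBLIC key, so even she cannot decrypt the message.
alice_reads() { g "$A" --decrypt "$WORK/msg.gpg" >/dev/null 2>&1; }

# A detached signature stops verifying once the signed file changes.
tamper_detected() {
    printf 'pay 10\n' > "$WORK/doc.txt" &&
    g "$A" --local-user alice@example.org --output "$WORK/doc.sig" --detach-sign "$WORK/doc.txt" &&
    g "$B" --verify "$WORK/doc.sig" "$WORK/doc.txt" 2>/dev/null &&
    printf 'pay 1000\n' > "$WORK/doc.txt" &&
    ! g "$B" --verify "$WORK/doc.sig" "$WORK/doc.txt" 2>/dev/null
}

cleanup() {
    for h in "$A" "$B"; do gpgconf --homedir "$h" --kill gpg-agent 2>/dev/null || true; done
    rm -rf "$WORK"
}

# Run with "sh gpg-demo.sh run"; without the argument only the functions are defined.
[ "${1:-}" != run ] || { setup && bob_reads && ! alice_reads && tamper_detected && echo OK; cleanup; }
```

The keys here have no passphrase so the demo runs unattended; a real private key should be passphrase-protected.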
