Network Security Monitoring and Behavior Analysis
In this example, the intruder gains access to username/password information and sensitive
routing protocol data using an Ethernet packet decoder such as EtherPeek. The data packets
being sent are captured by the laptop running EtherPeek; the program decodes the hex data
into human-readable form. After obtaining access to information, the intruder can use this
information to gain access to a machine and then possibly copy-restricted, private infor-
mation and programs. The intruder may also subsequently have the capability to tamper
with an asset; that is, the intruder may modify records on a server or change the content of
the routing information....