Using Passive Network Discovery to Fingerprint Vulnerabilities within Ethernet Broadcast Frames.

This paper examines how open source embedded network tools were used to perform persistent internal audits of Ethernet Local Area Network (LAN) broadcast traffic. The initial requirements used to define the project phases were developed from the analysis of each open source learning stage. Ubuntu, an open source UNIX version, was selected as the prototyping platform because of its ease of use and its usable business productivity, internet, drawing and graphics applications. To understand why hosts within the ONR Lab were experiencing a decrease in system performance and transmission speed, a passive network discovery of Ethernet broadcast frames was captured and analyzed to determine whether LAN traffic between the local and foreign hosts was malicious or valid. The identities of remote active nodes and their system information were collected to build a resource map of all remote hosts requesting services from hosts within the ONR Lab, together with a listing of local hosts' listening ports and the services running on those ports. The ONR UNIX Network Administration Team selected the passive analysis approach because collecting active LAN traffic would not impact ECSU’s LAN/WAN assets. Moreover, this paper's goal is to show that persistent packet monitoring of Ethernet traffic can identify weaknesses that reduce LAN performance and possibly harm valuable assets used to support major and/or general support systems.