Re: I'm Attending Defcon this August, advice?

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Lisa Kachold
Date:  
To: Main PLUG discussion list
Subject: Re: I'm Attending Defcon this August, advice?
Any site you contact can become a Man in the Middle Target on a shared
network.

sslstrip will give the attacker targeting you (arp spoofing your connection
between the router) a list of usernames, passwords and URL's for every
sight you visit.


On Fri, Apr 19, 2013 at 10:19 AM, Ted Gould <> wrote:

> **
> On Fri, 2013-04-19 at 09:16 -0700, Lisa Kachold wrote:
>
> arpspoof [arp rarp nature of tcp/ip and the linux kernel]
>
> sslstrip [sslstrip decode packets including auth/password and url - run
> tool to get a list of everything victim sends out or accesses]
>
>
> So you're assuming that I wouldn't request the SSL connection initially
> and that the site provides a non-SSL version of its contents. Neither of
> those scare me, but I could see where that could get some people.
>
>
> PLUG Hackfests at DeVry University 2nd Saturday 10:00 - 2:00 PM -
> Lab/Presentation Hackfest with targets and trainers
>
>
> Unfortunately a bit far for me to travel these days, or I would :-)
>
> Ted
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>




--

(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss