HackFest Series: Using Cain for Man in Middle Attacks (ARP ARP ARP)
Lisa Kachold
lisakachold at obnosis.com
Sun Nov 30 14:34:35 MST 2008
ArpSpoofing 101:
http://www.irongeek.com/i.php?page=security/arpspoof
Video Demonstration:
http://www.irongeek.com/i.php?page=videos/using-cain-to-do-a-man-in-the-middle-attack-by-arp-poisoning
An educator, Irongeek has developed presentation materials that touch on Cain, kernel IP Forwarding, Ettercap, Arptables and Dsniff to demonstrate principles of encrypted and unencryted protocols "Man in the Middle Attacks" or other interception on shared networks (wired and wireless).
Protecting against arpspoofing includes:
Static ARP Entries in the Cache (Windows) or arptables/EBtables (Nix)
ARPWatch ( http://www-nrg.ee.lbl.gov/ )
Switches and firewalls have limited capacity to protect against this exploit of the protocol design.
See also IronGeek's Mac Address Change HowTo:
http://www.irongeek.com/i.php?page=security/changemac
www.Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis |
http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452
Catch the January PLUG HackFest! Kristy Westphal, CSO for the Arizona Department of Economic
Security will provide a one hour
presentation on forensics.
Laugh at this MSN Footer:
_________________________________________________________________
Proud to be a PC? Show the world. Download the “I’m a PC” Messenger themepack now.
hthttp://clk.atdmt.com/MRT/go/119642558/direct/01/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20081130/d6d1552d/attachment.htm
More information about the PLUG-discuss
mailing list