Schedule

Schedule

Thursday, July 24

1406221200 Tech News Today
1406224800 Know How...
1406228400 The Social Hour
1406233800 Coding 101
1406237400 Home Theater Geeks
1406242800 Tech News 2Night
1406246400 OMGcraft

Friday, July 25

1406307600 Tech News Today
1406311200 This Week in Law
1406318400 Android App Arena
1406329200 Tech News 2Night

Saturday, July 26

1406397600 The Tech Guy

Sunday, July 27

1406484000 The Tech Guy
1406498400 This Week in Tech

Monday, July 28

1406566800 Tech News Today
1406570400 Triangulation
1406575800 iPad Today
1406588400 Tech News 2Night
1406590200 Marketing Mavericks

Tuesday, July 29

1406653200 Tech News Today
1406656800 MacBreak Weekly
1406664000 Security Now
1406671200 Before You Buy
1406674800 Tech News 2Night
1406678400 All About Android

Wednesday, July 30

1406734200 FLOSS Weekly
1406739600 Tech News Today
1406743200 Windows Weekly
1406750400 This Week in Google
1406761200 Tech News 2Night
1406763000 The Giz Wiz
1406768400 Ham Nation

Thursday, July 31

1406826000 Tech News Today
1406829600 Know How...
1406833200 The Social Hour
1406838600 Coding 101
1406842200 Home Theater Geeks
1406847600 Tech News 2Night
1406851200 OMGcraft

Friday, August 1

1406912400 Tech News Today
1406916000 This Week in Law
1406923200 Android App Arena
1406934000 Tech News 2Night

Saturday, August 2

1407002400 The Tech Guy

Most Recent Episodes

The Giz Wiz

Pond Wireless Charging demonstration.

Windows Weekly

What does 'One Windows' mean?

This Week in Google

Unlock your smartphone with a tattoo!

iFive for the iPhone

Siri airplane tip, Group Photo Stream tricks, Lookout for lost iPhone.

Tech News 2Night

Facebook's record mobile earnings.

FLOSS Weekly
Episode #302: Open Mirage July 23rd, 2014

Mirage OS is a library OS that works across a variety of cloud computing and mobile platforms.

Tech News Today

The good side of drones.

All About Android

Google's enterprise vision for Android.

Before You Buy

Jason Howell previews the OnePlus One smartphone.

Security Now

To what degree is iOS a Surveillance tool?

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3