Schedule

Schedule

Monday, September 1

1409590800 Tech News Today
1409594400 Triangulation
1409599800 iPad Today
1409612400 Tech News 2Night
1409614200 Marketing Mavericks

Tuesday, September 2

1409677200 Tech News Today
1409680800 MacBreak Weekly
1409688000 Security Now
1409695200 Before You Buy
1409698800 Tech News 2Night
1409702400 All About Android
1409711400 Padre's Corner

Wednesday, September 3

1409758200 FLOSS Weekly
1409763600 Tech News Today
1409767200 Windows Weekly
1409774400 This Week in Google
1409785200 Tech News 2Night
1409787000 redditUP
1409792400 Ham Nation

Thursday, September 4

1409850000 Tech News Today
1409853600 Know How...
1409857200 The Social Hour
1409862600 Coding 101
1409866200 Home Theater Geeks
1409871600 Tech News 2Night
1409873400 The Giz Wiz
1409882400 OMGcraft

Friday, September 5

1409936400 Tech News Today
1409940000 This Week in Law
1409947200 Android App Arena
1409958000 Tech News 2Night

Saturday, September 6

1410026400 The Tech Guy

Sunday, September 7

1410112800 The Tech Guy
1410127200 This Week in Tech

Monday, September 8

1410195600 Tech News Today
1410199200 Triangulation
1410204600 iPad Today
1410217200 Tech News 2Night
1410219000 Marketing Mavericks

Tuesday, September 9

1410282000 Tech News Today
1410285600 MacBreak Weekly
1410292800 Security Now
1410300000 Before You Buy
1410303600 Tech News 2Night
1410307200 All About Android
1410316200 Padre's Corner

Wednesday, September 10

1410363000 FLOSS Weekly
1410368400 Tech News Today
1410372000 Windows Weekly
1410379200 This Week in Google
1410390000 Tech News 2Night
1410391800 redditUP
1410397200 Ham Nation

Most Recent Episodes

This Week in Tech

Virtual nausea, Uber vs. Lyft, smart phone kill switch, and more.

The Tech Guy
The Tech Guy 1114 August 31st, 2014

How reliable are SSDs?

The Tech Guy
The Tech Guy 1113 August 30th, 2014

Is a Chromebook a suitable replacement for an old computer?

Tech News 2Night

Facebook status updates are now searchable on mobile.

This Week in Law

Google receives 1 million DMCA takedown notices a day.

Android App Arena

A collection of games that are best played while wearing headphones.

Tech News Today

Microsoft's MSN Messenger is shutting down for good.

This Week in Computer Hardware

Haswell-E leak and 8TB hard drives.

Home Theater Geeks

Blind Audio Testing

Tech News 2Night

Apple announces Sept. 9th event.

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
-Check out our transcripts.