Schedule

Schedule

Wednesday, August 20

1408548600 FLOSS Weekly
1408554000 Tech News Today
1408557600 Windows Weekly
1408564800 This Week in Google
1408575600 Tech News 2Night
1408577400 redditUP
1408582800 Ham Nation

Thursday, August 21

1408640400 Tech News Today
1408644000 Know How...
1408647600 The Social Hour
1408653000 Coding 101
1408656600 Home Theater Geeks
1408662000 Tech News 2Night
1408663800 The Giz Wiz
1408672800 OMGcraft

Friday, August 22

1408726800 Tech News Today
1408730400 This Week in Law
1408737600 Android App Arena
1408748400 Tech News 2Night

Saturday, August 23

1408816800 The Tech Guy

Sunday, August 24

1408903200 The Tech Guy
1408917600 This Week in Tech

Monday, August 25

1408986000 Tech News Today
1408989600 Triangulation
1408995000 iPad Today
1409007600 Tech News 2Night
1409009400 Marketing Mavericks

Tuesday, August 26

1409072400 Tech News Today
1409076000 MacBreak Weekly
1409083200 Security Now
1409090400 Before You Buy
1409094000 Tech News 2Night
1409097600 All About Android
1409106600 Padre's Corner

Wednesday, August 27

1409153400 FLOSS Weekly
1409158800 Tech News Today
1409162400 Windows Weekly
1409169600 This Week in Google
1409180400 Tech News 2Night
1409182200 redditUP
1409187600 Ham Nation

Thursday, August 28

1409245200 Tech News Today
1409248800 Know How...
1409252400 The Social Hour
1409257800 Coding 101
1409261400 Home Theater Geeks
1409266800 Tech News 2Night
1409268600 The Giz Wiz
1409277600 OMGcraft

Friday, August 29

1409331600 Tech News Today
1409335200 This Week in Law
1409342400 Android App Arena
1409353200 Tech News 2Night

Most Recent Episodes

All About Android

How do parents have complete control over their kid's Android phones?

Before You Buy

Lenovo Chromebook review.

Security Now

Delaware legislation gives heirs access to a deceased member's digital assets.

Tech News 2Night

Apple stock at an an all-time high.

MacBreak Weekly

Apple granted curved touch display patent.

OMGcraft

Set traps in Minecraft.

Tech News Today

HTC releases a Windows Phone version of the HTC One smartphone.

Marketing Mavericks

OnePlus' marketing fail, going viral with the #icebucketchallenge, and is the internet getting stup

This Week in Enterprise Tech

FCC to enhance 911 location services

Tech News 2Night

Twitter gets more likes than Facebook

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
-Check out our transcripts.