Schedule

Schedule

Thursday, October 30

1414688400 Tech News Today
1414692000 Know How...
1414695600 Marketing Mavericks
1414701000 Coding 101
1414704600 Home Theater Geeks
1414710000 Tech News 2Night
1414711800 The Giz Wiz

Friday, October 31

1414774800 Tech News Today
1414778400 This Week in Law
1414785600 Android App Arena
1414796400 Tech News 2Night

Saturday, November 1

1414864800 The Tech Guy

Sunday, November 2

1414954800 The Tech Guy
1414969200 This Week in Tech

Monday, November 3

1415037600 Tech News Today
1415041200 Triangulation
1415046600 iPad Today
1415059200 Tech News 2Night

Tuesday, November 4

1415124000 Tech News Today
1415127600 MacBreak Weekly
1415134800 Security Now
1415142000 Before You Buy
1415145600 Tech News 2Night
1415149200 All About Android
1415158200 Padre's Corner

Wednesday, November 5

1415205000 FLOSS Weekly
1415210400 Tech News Today
1415214000 Windows Weekly
1415221200 This Week in Google
1415232000 Tech News 2Night
1415239200 Ham Nation

Thursday, November 6

1415296800 Tech News Today
1415300400 Know How...
1415304000 Marketing Mavericks
1415309400 Coding 101
1415313000 Home Theater Geeks
1415318400 Tech News 2Night
1415320200 The Giz Wiz

Friday, November 7

1415383200 Tech News Today
1415386800 This Week in Law
1415394000 Android App Arena
1415404800 Tech News 2Night

Saturday, November 8

1415473200 The Tech Guy

Most Recent Episodes

Ham Nation

Bob Heil shows how to DX on a vintage station.

This Week in Google

Larry Page hands leadership of many Google products to Sundar Pichai.

Tech News 2Night

Moblie Payment Terminal Wars

iFive for the iPhone

Siri location tip, landscape keyboard.

Windows Weekly
Episode #386: Pom Pom Paul October 29th, 2014

MS Office 15 in 2015 and a $50 Xbox One Holiday price cut.

FLOSS Weekly
Episode #314: CoreOS October 29th, 2014

Linux for Massive Server Deployments.

Tech News Today

FCC wants to bring cable TV to the Internet, UK gets NSA data without warrant, and more.

All About Android
Episode #185: Aspire Higher October 29th, 2014

djay 2 hits Android, threats to NFC payments, and Motorola Droid Turbo.

Padre's Corner

Tim Stevens on tech, journalism, integrity and speed.

Before You Buy

iMac with 5K Retina display review.

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
-Check out our transcripts.