Schedule

Schedule

Monday, March 30

1427734800 Tech News Today
1427738400 Triangulation
1427743800 iPad Today
1427751000 Coding 101
1427756400 Tech News 2Night

Tuesday, March 31

1427821200 Tech News Today
1427824800 MacBreak Weekly
1427833800 Security Now
1427842800 Tech News 2Night
1427846400 All About Android

Wednesday, April 1

1427902200 FLOSS Weekly
1427907600 Tech News Today
1427911200 Windows Weekly
1427918400 This Week in Google
1427929200 Tech News 2Night
1427931000 Android App Arena
1427936400 Ham Nation

Thursday, April 2

1427994000 Tech News Today
1427997600 Know How...
1428003000 Marketing Mavericks
1428008400 Home Theater Geeks
1428015600 Tech News 2Night
1428017400 The Giz Wiz

Friday, April 3

1428080400 Tech News Today
1428084000 This Week in Law
1428094800 Before You Buy
1428102000 Tech News 2Night
1428105600 Padre's Corner

Saturday, April 4

1428170400 The Tech Guy

Sunday, April 5

1428256800 The Tech Guy
1428271200 This Week in Tech

Monday, April 6

1428339600 Tech News Today
1428343200 Triangulation
1428348600 iPad Today
1428355800 Coding 101
1428361200 Tech News 2Night

Tuesday, April 7

1428426000 Tech News Today
1428429600 MacBreak Weekly
1428438600 Security Now
1428447600 Tech News 2Night
1428451200 All About Android

Wednesday, April 8

1428507000 FLOSS Weekly
1428512400 Tech News Today
1428516000 Windows Weekly
1428523200 This Week in Google
1428534000 Tech News 2Night
1428535800 Android App Arena
1428541200 Ham Nation

Most Recent Episodes

This Week in Tech
Episode #503: Barbie Speaks March 29th, 2015

Gender bias in tech, tech philanthropy, Wi-Fi Barbie, Facebook F8, and more.

The Tech Guy
The Tech Guy 1174 March 29th, 2015

How to avoid being tracked by spammers.

The Tech Guy
The Tech Guy 1173 March 28th, 2015

Meerkat vs. Periscope

This Week in Enterprise Tech

HP Aims New Rack at Open Stack Developers

Before You Buy

Parrot Bebop Preview, Vivitek Qumi Q5 projector

Tech News 2Night

Tech elite likes to go racing

This Week in Law

Creative Commons Licenses 101 with Sarah Pearson.

Tech News Today

Blackberry posts a profit!

This Week in Computer Hardware

Silverstone Fortress FT05 case, Dell XPS 13 review, and Corsair Dominator memory kits.

The Giz Wiz

Condiments for pets, mini tennis ball launcher, Goatee Saver, and more.

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
-Check out our transcripts.