Schedule

Schedule

Sunday, January 25

1422212400 The Tech Guy
1422226800 This Week in Tech

Monday, January 26

1422295200 Tech News Today
1422298800 Triangulation
1422304200 iPad Today
1422316800 Tech News 2Night

Tuesday, January 27

1422381600 Tech News Today
1422385200 MacBreak Weekly
1422392400 Security Now
1422399600 Before You Buy
1422403200 Tech News 2Night
1422406800 All About Android
1422415800 Padre's Corner

Wednesday, January 28

1422462600 FLOSS Weekly
1422468000 Tech News Today
1422471600 Windows Weekly
1422478800 This Week in Google
1422489600 Tech News 2Night
1422491400 Android App Arena
1422496800 Ham Nation

Thursday, January 29

1422554400 Tech News Today
1422558000 Know How...
1422561600 Marketing Mavericks
1422567000 Coding 101
1422570600 Home Theater Geeks
1422576000 Tech News 2Night
1422577800 The Giz Wiz

Friday, January 30

1422640800 Tech News Today
1422644400 This Week in Law
1422662400 Tech News 2Night

Saturday, January 31

1422730800 The Tech Guy

Sunday, February 1

1422817200 The Tech Guy
1422831600 This Week in Tech

Monday, February 2

1422900000 Tech News Today
1422903600 Triangulation
1422909000 iPad Today
1422921600 Tech News 2Night

Tuesday, February 3

1422986400 Tech News Today
1422990000 MacBreak Weekly
1422997200 Security Now
1423004400 Before You Buy
1423008000 Tech News 2Night
1423011600 All About Android
1423020600 Padre's Corner

Most Recent Episodes

The Tech Guy
The Tech Guy 1155 January 24th, 2015

Is it safe to update Java on Windows XP?

Tech News 2Night
Episode #260: Box's Big IPO January 23rd, 2015

Skymall files for Bankruptcy

This Week in Law

Who should be responsible for determining international cyber law policies?

Tech News Today

Apple Watch battery and Winklevi the NASDAQ of Bitcoin.

This Week in Computer Hardware

GTX 960, Microsoft HaloLens, ECS LIVA X, and more!

Home Theater Geeks

More CES 2015 highlights.

The Giz Wiz

RX Robots, ChargerLeash, BluBed Holster, and more.

Coding 101
Episode #51: Steve Gibson January 22nd, 2015

Creator of SpinRite.

Tech News 2Night

iTunes Makes More Money Than Hollywood

Know How...

All of your quad copter questions.

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
-Check out our transcripts.