Schedule

Schedule

Sunday, April 19

1429480800 This Week in Tech

Monday, April 20

1429549200 Tech News Today
1429552800 Triangulation
1429558200 iPad Today
1429565400 Coding 101
1429570800 Tech News 2Night

Tuesday, April 21

1429635600 Tech News Today
1429639200 MacBreak Weekly
1429648200 Security Now
1429657200 Tech News 2Night
1429660800 All About Android

Wednesday, April 22

1429716600 FLOSS Weekly
1429722000 Tech News Today
1429725600 Windows Weekly
1429732800 This Week in Google
1429743600 Tech News 2Night
1429745400 Android App Arena
1429750800 Ham Nation

Thursday, April 23

1429808400 Tech News Today
1429812000 Know How...
1429817400 Marketing Mavericks
1429822800 Home Theater Geeks
1429830000 Tech News 2Night
1429831800 The Giz Wiz

Friday, April 24

1429894800 Tech News Today
1429898400 This Week in Law
1429909200 Before You Buy
1429916400 Tech News 2Night

Saturday, April 25

1429984800 The Tech Guy

Sunday, April 26

1430071200 The Tech Guy
1430085600 This Week in Tech

Monday, April 27

1430154000 Tech News Today
1430157600 Triangulation
1430163000 iPad Today
1430170200 Coding 101
1430175600 Tech News 2Night

Tuesday, April 28

1430240400 Tech News Today
1430244000 MacBreak Weekly
1430253000 Security Now
1430262000 Tech News 2Night
1430265600 All About Android

Wednesday, April 29

1430321400 FLOSS Weekly
1430326800 Tech News Today
1430330400 Windows Weekly

Most Recent Episodes

The Tech Guy
The Tech Guy 1179 April 18th, 2015

Can I still back up off-site when internet connection is unreliable?

Before You Buy

First looks at the 3DR Solo Drone and Sony HDR 4K Monitors at NAB.

This Week in Enterprise Tech

AT&T suing the FCC, Skype for Business, and Android is ready for work.

Tech News 2Night

What's so great about Slack?

This Week in Law

Co-founder of Invisible Girlfriend Matt Homann and crowd-sourced labor.

Tech News Today

Google now shows Apps in search results, on Android devices.

This Week in Computer Hardware

Intel Skylake Leaks!

The Giz Wiz

Onewheel, ThinkPad Stacks, Epson HD Whiteboard, and more.

Tech News 2Night

The best apps for your messy digital life

Home Theater Geeks
Episode #252: NAB 2015 April 16th, 2015

The latest and greatest from NAB 2015

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
-Check out our transcripts.