Schedule

Schedule

Thursday, October 2

1412269200 Tech News Today
1412272800 Know How...
1412276400 Marketing Mavericks
1412281800 Coding 101
1412285400 Home Theater Geeks
1412290800 Tech News 2Night
1412292600 The Giz Wiz

Friday, October 3

1412355600 Tech News Today
1412359200 This Week in Law
1412366400 Android App Arena
1412377200 Tech News 2Night

Saturday, October 4

1412445600 The Tech Guy

Sunday, October 5

1412532000 The Tech Guy
1412546400 This Week in Tech

Monday, October 6

1412614800 Tech News Today
1412618400 Triangulation
1412623800 iPad Today
1412636400 Tech News 2Night

Tuesday, October 7

1412701200 Tech News Today
1412704800 MacBreak Weekly
1412712000 Security Now
1412719200 Before You Buy
1412722800 Tech News 2Night
1412726400 All About Android
1412735400 Padre's Corner

Wednesday, October 8

1412782200 FLOSS Weekly
1412787600 Tech News Today
1412791200 Windows Weekly
1412798400 This Week in Google
1412809200 Tech News 2Night
1412816400 Ham Nation

Thursday, October 9

1412874000 Tech News Today
1412877600 Know How...
1412881200 Marketing Mavericks
1412886600 Coding 101
1412890200 Home Theater Geeks
1412895600 Tech News 2Night
1412897400 The Giz Wiz

Friday, October 10

1412960400 Tech News Today
1412964000 This Week in Law
1412971200 Android App Arena
1412982000 Tech News 2Night

Saturday, October 11

1413050400 The Tech Guy

Most Recent Episodes

Ham Nation

Valerie Hotzfeld explains how to setup Log Book of the World.

This Week in Google

Google removes news snippets from searches in Germany.

iFive for the iPhone

Storehouse, iPhone 6 button woes, compare edited photos with the original, and more.

Tech News 2Night

The Attorney General wants tech makers to leave backdoors in devices.

Security Now

Apple offers OS X updates for the ShellShock problem

FLOSS Weekly

FLOSS Weekly host Randal Schwartz takes questions from the viewers!

Tech News Today

Microsoft skipped version nine and went straight to Windows 10.

Padre's Corner

How pickpockets hack your brain, FedEx going green, and geeking out with Fr. Jim McDermott!

All About Android

The week was filled with new initiatives by Google that directly affect independent developers.

Before You Buy

Jason Howell reviews the HTC Desire 510.

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
-Check out our transcripts.