Schedule

Schedule

Sunday, November 23

1416769200 The Tech Guy
1416783600 This Week in Tech

Monday, November 24

1416852000 Tech News Today
1416855600 Triangulation
1416861000 iPad Today
1416873600 Tech News 2Night

Tuesday, November 25

1416938400 Tech News Today
1416942000 MacBreak Weekly
1416949200 Security Now
1416956400 Before You Buy
1416960000 Tech News 2Night
1416963600 All About Android
1416972600 Padre's Corner

Wednesday, November 26

1417019400 FLOSS Weekly
1417024800 Tech News Today
1417028400 Windows Weekly
1417035600 This Week in Google
1417046400 Tech News 2Night
1417048200 Android App Arena
1417053600 Ham Nation

Thursday, November 27

1417111200 Tech News Today
1417114800 Know How...
1417118400 Marketing Mavericks
1417123800 Coding 101
1417127400 Home Theater Geeks
1417132800 Tech News 2Night
1417134600 The Giz Wiz

Friday, November 28

1417197600 Tech News Today
1417201200 This Week in Law
1417219200 Tech News 2Night

Saturday, November 29

1417287600 The Tech Guy

Sunday, November 30

1417374000 The Tech Guy
1417388400 This Week in Tech

Monday, December 1

1417456800 Tech News Today
1417460400 Triangulation
1417465800 iPad Today
1417478400 Tech News 2Night

Tuesday, December 2

1417543200 Tech News Today
1417546800 MacBreak Weekly
1417554000 Security Now
1417561200 Before You Buy
1417564800 Tech News 2Night
1417568400 All About Android
1417577400 Padre's Corner

Most Recent Episodes

The Tech Guy
The Tech Guy 1137 November 22nd, 2014

Will using a VPN encrypt a VOIP call?

This Week in Law

Does a broad privacy policy grant a company access to customer data?

Tech News 2Night

Uber's bad PR Prompts Changes at Lyft

Tech News Today

Google and Rockstar settle their patent case

The Giz Wiz

3D fruit printer, Mous Musicase, Nomiku sous vide, and more!

This Week in Computer Hardware

Dell's 60Hz IPS Monitors, Gorilla Glass 4, and Windows 10.

Coding 101

The holiday pricer.

Tech News 2Night

Google's Tool to Remove Ads

Home Theater Geeks

3D Audio, Acoustic Room Design, and Anythony Grimani.

Marketing Mavericks

LinkedIn, HR resumes, Social Footprint

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
-Check out our transcripts.