Schedule

Schedule

Wednesday, May 27

1432774800 Ham Nation

Thursday, May 28

1432827000 Tech News Today
1432830600 TWiT Live Specials
1432839600 Know How...
1432846800 Home Theater Geeks
1432854000 Tech News 2Night

Friday, May 29

1432918800 Tech News Today
1432922400 This Week in Law
1432933200 Before You Buy
1432940400 Tech News 2Night

Saturday, May 30

1433008800 The Tech Guy

Sunday, May 31

1433095200 The Tech Guy
1433109600 This Week in Tech

Monday, June 1

1433178000 Tech News Today
1433181600 Triangulation
1433187000 iOS Today
1433194200 Coding 101
1433199600 Tech News 2Night

Tuesday, June 2

1433264400 Tech News Today
1433268000 MacBreak Weekly
1433277000 Security Now
1433286000 Tech News 2Night
1433289600 All About Android

Wednesday, June 3

1433345400 FLOSS Weekly
1433350800 Tech News Today
1433354400 Windows Weekly
1433361600 This Week in Google
1433372400 Tech News 2Night
1433374200 Android App Arena
1433379600 Ham Nation

Thursday, June 4

1433437200 Tech News Today
1433440800 Know How...
1433451600 Home Theater Geeks
1433458800 Tech News 2Night

Friday, June 5

1433523600 Tech News Today
1433527200 This Week in Law
1433538000 Before You Buy
1433545200 Tech News 2Night

Saturday, June 6

1433613600 The Tech Guy

Most Recent Episodes

FLOSS Weekly
Episode #338: Lucee May 27th, 2015

Andrew Dixon, Gert Franz, and Lucee: a dynamic scripting language for the JVM.

Tech News Today

iPhones crash and reboot when a specific string of text is received.

All About Android

Google IO predictions, Periscope for Android, and a a packed round table session.

Security Now
Episode #509: TLS Logjam May 26th, 2015

Routers with a USB port could be vulnerable to attack because of a NetUSB bug.

Tech News 2Night

Mashable's Jason Abbruzzese talks Charter/TWC merger

MacBreak Weekly

Jony Ive promoted to 'Chief Design Officer'

Tech News Today

Jony Ive has been promoted to Apple's Chief Design Officer.

This Week in Tech

Uses of VR, Key FOB security, new Spotify, @POTUS, and more.

The Tech Guy
The Tech Guy 1190 May 24th, 2015

Make your own media player.

The New Screen Savers

Delighting audiences for decades, our guest Martin Sargent

Know How... 102

Intro to Linux, RC Suspension, & ARP Cache Poisoning Attack

July 17 2014

We talk about the new Raspberry Pi B+, expert guest Aaron Newcomb goes over the different flavors of linux, learn how a remote control car suspension works, and put your black hat on for ARP Cache Poisoning Attack.

News Topic
Raspberry Pi B+ Announced

Linux 101

Aaron Newcomb shows the different flavors of Linux.

Remote Control Car Suspension

Coil Overs and Ball Bearings explained

The ARP Cache Poisoning Attack

The ARP Cache Poisoning Attack
ARP = "Address Resolution Protocol"
MAC = "Media Access Control"

Most of us think that our computers are identified by their IP address.
- However, on an ethernet network, they're actually identified by their MAC address (Media Access Control)
- A MAC is a 6-byte Hexideximal string that looks like, "00:11:aa:bb:cc:dd"

When we connect a computer to a network, it needs to become aware of all the other devices on the network, and all the other devices on the network need to become aware of the device.
- That's what ARP does: It correlates an IP address to a MAC address so that we can find a computer on the network with a particular IP address

Here's how it works:
* Computer A needs to send a file to Computer B
* Computer A knows that Computer B has the IP address of 192.168.1.2
* Computer A does an ARP Broadcast saying, "Hey! Who has the IP address 192.168.1.2?"
* Computer B hears the broadcast and responds, "I Do! 00:00:00:aa:aa:aa"
* Computer A know knows how to send the file to Computer B

Here's how access to the Internet Works:
* Computer A connects to the Network and receives a DHCP address of 192.168.1.3 with a gateway of 192.168.1.1
* It wants to sent data through the gateway to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router(gateway) responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff
* Computer A sends data through the gateway at aa:bb:cc:dd:ee:ff

** Important to note is that all the devices will CACHE that response: so they all know which IPs belong to which MAC addresses.

Here's how a CACHE Poisoning Attack Works:
* Computer A wants to send data to the Internet, so it does an ARP Broadcast saying, "Hey! Which of you is the gateway at 192.168.1.1?"
* The router responds, "I'm 192.168.1.1 aa:bb:cc:dd:ee:ff"
* The attacking computer takes note that the gateway is at aa:bb:cc:dd:ee
* The attacking computer responds CONTINUOUSLY "I'm 192.168.1.1 22:22:22:22:22:22"
* Computer A sends data through WHAT IT THINKS is the gateway at 22:22:22:22:22:22
* The attacking computer receives the data, sniffs it, then sends it on to the REAL gateway at aa:bb:cc:dd:ee:ff

Using Cain and Abel
1. Download and Install Cain and Abel
2. You may need to disable global taskoffloading (netsh int ip set global taskoffload=disable)
3. Run the Sniffer
4. Switch to the Sniffer tab and hit the "+" icon to add a range scan (Use the IP range you're a part of)
5. Switch to the "ARP" tab at the bottom of the screen
6. Hit the "+" icon to Select your router and the client that you want to poison (or multiple clients)
7. Hit the "ARP" icon in the top bar to start the attack
8. Run Wireshark for more clear information

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
-Check out our transcripts.