Some time ago, I gave you a real basic run down of what ARP is, and what it does. There is more to the basic network functionality that ARP provides, but of course, I can't cover it all here. If you're interested in learning more about how a network functions, head to the Yavapai College web page and register for CNT115 or CCNA1&2. Additionally, several Greyhat powerpoint presentations / videos will *hopefully* be available by the start of 2009's Spring semester. These presentations will only be accessible by registered students (any CNT course will qualify you).
Rather than continue to try and write a scenario on my own (probably confusing most of you in the process), I have found a tutorial online that shows you how to make use of Ettercap to perform an arp poisoning attack, which can be found on the Backtrack 3 Live CD (Linux based)
Click here to view the tutorial
Click here to get Backtrack 3 live cd
The important thing to keep in mind about ARP is that it is not authenticated in any way. ARP is used to find the MAC address of a machine to initiate network communication, and without authentication, this creates a huge vulnerability. The use of this attack is not confined to wired connections, it will work wirelessly as well.
Feel free to ask questions about this process here on the blog in the comments section.
Posts
No comments:
Post a Comment