tag:blogger.com,1999:blog-89880983381309579022024-03-19T21:17:33.062+00:00Network SecurityVictor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.comBlogger18125tag:blogger.com,1999:blog-8988098338130957902.post-3357705231650599362009-04-22T18:29:00.003+01:002009-04-22T18:37:14.770+01:00Based on the demo from last Monday: <br /><br /><a href="http://en.wikipedia.org/wiki/ARP_spoofing">[Wikipedia]</a> Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP Spoofing may allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether (known as a denial of service attack). The attack can only be used on networks that actually make use of ARP and not another method of address resolution.<br /><br />The principle of ARP spoofing is to send fake, or "spoofed", ARP messages to an Ethernet LAN. Generally, the aim is to associate the attacker's MAC address with the IP address of another node (such as the default gateway). Any traffic meant for that IP address would be mistakenly sent to the attacker instead. The attacker could then choose to forward the traffic to the actual default gateway (passive sniffing) or modify the data before forwarding it (man-in-the-middle attack). The attacker could also launch a denial-of-service attack against a victim by associating a nonexistent MAC address to the IP address of the victim's default gateway.<br /><br />ARP spoofing attacks can be run from a compromised host, or from an attacker's machine that is connected directly to the target Ethernet segment.<br /><br /><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" id="Yourfilename" width="320" align="" height="240"><br /><param name="movie" value="http://www.oxid.it/downloads/apr-intro.swf"> <param name="quality" value="high"> <param name="bgcolor" value="#333399"> <embed src="http://www.oxid.it/downloads/apr-intro.swf" quality="high" bgcolor="#333399" name="Yourfilename" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" width="640" align="" height="480"></embed> </object><br />Extracted from:<br /><a href="http://www.oxid.it/downloads/apr-intro.swf">http://www.oxid.it/downloads/apr-intro.swf</a>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com1tag:blogger.com,1999:blog-8988098338130957902.post-13870430244477874172009-04-08T16:36:00.000+01:002009-04-08T16:37:35.215+01:00Creating a virtual machine in VirtualBox 2.1.2<embed src="http://blip.tv/play/AeecJ5OCbg" type="application/x-shockwave-flash" width="640" height="480" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-77699623140368459712009-03-30T19:33:00.004+01:002009-03-30T19:38:58.355+01:00Cracking Telnet in 4 minutes with WireShark<embed src="http://blip.tv/play/AezbLZP1Mw" type="application/x-shockwave-flash" width="640" height="480" allowscriptaccess="always" allowfullscreen="true"></embed> <br /><br />What alternatives would you suggest to enhance the security of your network from this type of attack? and why?.Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-21911554260608999982009-03-30T19:27:00.001+01:002009-04-04T19:56:04.643+01:00Cracking your own wireless access point in 10 minutes (WEP)<embed src="http://blip.tv/play/AbmaCYy9Cg" type="application/x-shockwave-flash" width="354" height="317" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-27796959444289204232009-03-30T19:17:00.002+01:002009-03-30T19:25:18.278+01:00Wireless Cards Air-crack CompatibilityIf you decide to crack a wireless access point as part of your coursework you may want to use a live-CD with a distribution that contains <span style="font-weight: bold; font-style: italic;">aircrack</span>. Hence, a laptop with a CD-drive and a compatible wireless card is required. A common question that people ask is “I have model ABC <span class="search_hit">wireless</span> <span class="search_hit">card</span>, is it compatible with <span class="search_hit">Aircrack</span>-ng?” or “What <span class="search_hit">card</span> should I buy?” or “Can my <span class="search_hit">card</span> do injection?” and so on. This tutorial address these questions.<br /><p><br /></p><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://galaxyacademy.co.in/encyclopedea/wifi_clip_image006.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 400px; height: 400px;" src="http://galaxyacademy.co.in/encyclopedea/wifi_clip_image006.jpg" alt="" border="0" /></a><br /><p><br /></p> First off, answering these questions involves some work on your part. Please continue reading on:<br /><br />Extracted from: <a href="http://www.aircrack-ng.org/doku.php?id=compatible_cards">http://www.aircrack-ng.org/doku.php?id=compatible_cards</a>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-55831284042658932932009-03-30T18:51:00.003+01:002009-03-30T18:54:52.161+01:00VMWARE ProblemsIf you experience any problem related to previous posts, please post a comment on the relevant thread and subscribe to it so that you can receive an e-mail as soon as there is an update on it. If any other problem or suggestion, please comment in this thread. ThanksVictor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-86054945996914589072009-03-25T20:03:00.000+00:002009-03-25T20:04:28.871+00:00Network Hacking (OS Fingerprinting)<div style="background: rgb(218, 230, 255) none repeat scroll 0% 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;" align="center"> <h3>-: Network Hacking (OS Fingerprinting) :-</h3> </div><br /> <strong style="color: rgb(0, 51, 255); font-size: 115%;">OS Fingerprinting :-</strong> OS Fingerprinting refers to detection of target computer's operating system.<br />Since, different operating system responds differently to the same kind of ICMP message, it is very important for an attacker to determine the exact operating system running on target system.<br />Also attacker can carry out attacks by taking over the vulnerabilities/bugs found in that particular operating system.<br />There are four areas that we will look at to determine the operating system (however there are other signatures that can be used). These signatures are:<br /> <br /> <strong>1) TTL -</strong> What the operating system sets the Time To Live on the outbound packet.<br /> <strong>2) Window Size -</strong> What the operating system sets the Window Size at.<br /> <strong>3) DF -</strong> Does the operating system set the Don't Fragment bit.<br /> <strong>4) TOS -</strong> Does the operating system set the Type of Service, and if so, at what.<br /> <br /> There are two different types of OS Fingerprinting technique -<br /> <br /> <strong style="color: rgb(0, 51, 255);">1) Active OS Fingerprinting :-</strong> Remote active operating system fingerprinting is the process of actively determining a targeted network node’s underlying operating system by probing the<br />targeted system with several packets and examining the response(s), or lack thereof, received? The traditional approach is to examine the TCP/IP stack behavior (IP, TCP, UDP, and ICMP protocols) of a targeted network element when probed with several legitimate and/or malformed packets.<br /> <br /> <table width="75%" align="center" bgcolor="#dae6ff" border="1" cellpadding="0" cellspacing="0"> <tbody><tr> <th colspan="2" align="center">Recommended Tools</th> </tr> <tr> <td align="center">Nmap</td> <td align="center">http://insecure.org/nmap</td> </tr> </tbody></table> <br /><br /> <strong style="color: rgb(0, 51, 255);"> 2) Passive OS Fingerprinting :-</strong>Passive fingerprinting is based on sniffer traces from the remote system. Instead of actively querying the remote system, all you need to do is capture packets sent from the remote system. Based on the sniffer traces of these packets, you can determine the operating system of the remote host. Just like in active fingerprinting, passive fingerprinting is<br />based on the principle that every operating system's IP stack has its own idiosyncrasies. By analyzing sniffer traces and identifying these differences, you may be able determine the operating system of the remote host.<br /> <br /> <table width="75%" align="center" bgcolor="#dae6ff" border="1" cellpadding="0" cellspacing="0"><tbody><tr><th colspan="2" align="center">Recommended Tools</th></tr> <tr> <td width="21%" align="center">P0f</td> <td width="79%" align="center">http://lcamtuf.coredump.cx/p0f.shtml</td> </tr> <tr><td align="center">Ettercap</td> <td align="center">http://ettercap.sourceforge.net</td></tr></tbody></table>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-37523717808500410982009-03-25T19:16:00.002+00:002009-03-25T19:17:13.915+00:00How to install Backtrack 3 on VMware Workstation<embed src="http://blip.tv/play/Ab2wQI2NGQ" type="application/x-shockwave-flash" width="640" height="510" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-1245297145533168712009-03-25T18:59:00.002+00:002009-03-25T19:01:29.485+00:00Introduction to Nmap<embed type="application/x-shockwave-flash" src="http://xml.truveo.com/eb/i/2979117232/a/764cc682872cc2e4952433d837c5f146/p/1" pluginspage="http://www.macromedia.com/go/getflashplayer" scale="noScale" salign="TL" bgcolor="#000000" flashvars="mediaId=633553&affiliateId=34929&allowFullScreen=true&autoStart=false" allowfullscreen="true" allowscriptaccess="always" width="640" height="510"></embed><div style="background-color: rgb(49, 82, 112); width: 640px; height: 14px; text-align: center;"><a href="http://uk.truveo.com/" target="_blank" style="font-family: Arial; font-size: 9px; font-weight: 100; color: rgb(199, 216, 231); line-height: 14px; text-decoration: none; letter-spacing: 0.1em;"></a></div>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-54839597422858730602009-03-24T11:22:00.001+00:002009-03-24T11:22:46.872+00:00Use Snapshots in VMware Server 1.0<embed src="http://blip.tv/play/AbLrGIuRWg" type="application/x-shockwave-flash" width="640" height="510" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-15735677097107233452009-03-24T11:21:00.001+00:002009-03-24T11:21:47.735+00:00Add a Network Card to a Virtual Machine in VMware Server 1.0<embed src="http://blip.tv/play/AbGYaIuRWg" type="application/x-shockwave-flash" width="640" height="510" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-4324389000425646232009-03-24T11:06:00.002+00:002009-03-24T11:19:45.491+00:00Delete a Virtual Machine in VMware Server 1.0<embed src="http://blip.tv/play/AbGbE4uRWg" type="application/x-shockwave-flash" width="640" height="510" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-60711998974047913012009-03-24T11:05:00.001+00:002009-03-24T11:05:29.680+00:00Manage Virtual Machines in VMware Server 1.0<embed src="http://blip.tv/play/AbGbEouRWg" type="application/x-shockwave-flash" width="640" height="510" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-87211359156186457612009-03-24T11:04:00.001+00:002009-03-24T11:04:55.623+00:00Create and Modify a Network in VMware Server 1.0<embed src="http://blip.tv/play/AbLpI4uRWg" type="application/x-shockwave-flash" width="640" height="510" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-83563140146293529012009-03-24T11:02:00.000+00:002009-03-24T11:03:17.443+00:00Create a Virtual Machine in VMware Server 1.0<embed src="http://blip.tv/play/AbGxaIuRWg" type="application/x-shockwave-flash" width="640" height="510" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-57975380032610952692009-03-24T10:57:00.002+00:002009-03-24T10:57:51.232+00:00How to download VMware Server and get a license<embed src="http://blip.tv/play/AbDxZIuRWg" type="application/x-shockwave-flash" width="640" height="510" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0tag:blogger.com,1999:blog-8988098338130957902.post-23792800733419381352009-03-24T10:06:00.000+00:002009-03-24T11:07:11.649+00:00Install VMware Server 1.0<embed src="http://blip.tv/play/AbGYbYuRWg" type="application/x-shockwave-flash" width="640" height="510" allowscriptaccess="always" allowfullscreen="true"></embed>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com1tag:blogger.com,1999:blog-8988098338130957902.post-35145472471736626962009-03-23T17:36:00.000+00:002009-03-23T20:13:19.573+00:00Installing VMware ServerPlease, click on the image to access a reliable set of Instructions from the VMware online library:<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://pubs.vmware.com/server1/admin/wwhelp/wwhimpl/common/html/wwhelp.htm?context=admin&file=install_win_vmware_server.html"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 320px; height: 60px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRRLZIlWfhGgm4XBvdKGKEv46r61kd_B-fFby4NeibAlGFFlr1czF7cwyadbhPXL64aZjSh1kSMyF11WRC_blfbKln9GZ9SSilZKAZ40p2iF1mU6s401kI8GK4Q8RRMX_sDtfK1kGnT-Gm/s320/VMwarepic.JPG" alt="" id="BLOGGER_PHOTO_ID_5316444552517550914" border="0" /></a>Victor Castanohttp://www.blogger.com/profile/03000511505741819360noreply@blogger.com0