Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: demonstrating an attack

demonstrating an attack 8 years 10 months ago #25070

  • sose
  • sose's Avatar
  • Offline
  • Honored Member
  • Posts: 813
  • Thank you received: 4
  • Karma: 3
I am a networking instructor in an IT training insttute in Nigeria and want to demonstrate a man in the middle attack for my students aka ARP poisoning.

I downloaded an etercap, some other network sniffers and cain and abel.

1. I want a methodology to the experiment
2. I am goint to be using a window xp platform of three xp boxes connected to a switch

thanks
sose
Network Engineer
analysethis.co/index.php/forum/index
The administrator has disabled public write access.

Re: demonstrating an attack 8 years 10 months ago #25071

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
All you need to acheive this is Cain and Abel, it should be simple to demonstrate from there.

I would setup a Windows 2003 server with IIS and switch on Authentication.

Then have a Windows XP host that you will use to connect to the IIS (with username/password)

Then have a Windows XP machine with Cain and Abel installed. Setup the Arp Poisoning within Cain and get someone to access the Webserver. Cain will capture the authentication attempt and will do the password crack (if NTLM) or its much simpler if its just clear text.

Cheers

Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: demonstrating an attack 8 years 10 months ago #25080

  • sose
  • sose's Avatar
  • Offline
  • Honored Member
  • Posts: 813
  • Thank you received: 4
  • Karma: 3
ok , its quite simple. but I intend to use an xp OS as the server since it has some server capability

thanks
sose
Network Engineer
analysethis.co/index.php/forum/index
The administrator has disabled public write access.

Re: demonstrating an attack 8 years 10 months ago #25082

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Should be ok also since it will have HTTP Server functionality, principle will still be the same.

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: demonstrating an attack 8 years 9 months ago #25093

  • sose
  • sose's Avatar
  • Offline
  • Honored Member
  • Posts: 813
  • Thank you received: 4
  • Karma: 3
thanks
smurf you are the man
sose
Network Engineer
analysethis.co/index.php/forum/index
The administrator has disabled public write access.
Time to create page: 0.083 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup