Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: demonstrating an attack

demonstrating an attack 10 years 4 months ago #25070

  • sose
  • sose's Avatar Topic Author
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 814
  • Karma: 3
  • Thank you received: 4
I am a networking instructor in an IT training insttute in Nigeria and want to demonstrate a man in the middle attack for my students aka ARP poisoning.

I downloaded an etercap, some other network sniffers and cain and abel.

1. I want a methodology to the experiment
2. I am goint to be using a window xp platform of three xp boxes connected to a switch

thanks

Please Log in to join the conversation.

Re: demonstrating an attack 10 years 4 months ago #25071

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1390
  • Karma: 1
  • Thank you received: 0
All you need to acheive this is Cain and Abel, it should be simple to demonstrate from there.

I would setup a Windows 2003 server with IIS and switch on Authentication.

Then have a Windows XP host that you will use to connect to the IIS (with username/password)

Then have a Windows XP machine with Cain and Abel installed. Setup the Arp Poisoning within Cain and get someone to access the Webserver. Cain will capture the authentication attempt and will do the password crack (if NTLM) or its much simpler if its just clear text.

Cheers

Wayne

Please Log in to join the conversation.

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.

Re: demonstrating an attack 10 years 4 months ago #25080

  • sose
  • sose's Avatar Topic Author
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 814
  • Karma: 3
  • Thank you received: 4
ok , its quite simple. but I intend to use an xp OS as the server since it has some server capability

thanks

Please Log in to join the conversation.

Re: demonstrating an attack 10 years 4 months ago #25082

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1390
  • Karma: 1
  • Thank you received: 0
Should be ok also since it will have HTTP Server functionality, principle will still be the same.

Cheers

Please Log in to join the conversation.

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.

Re: demonstrating an attack 10 years 4 months ago #25093

  • sose
  • sose's Avatar Topic Author
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 814
  • Karma: 3
  • Thank you received: 4
thanks
smurf you are the man

Please Log in to join the conversation.

  • Page:
  • 1
Time to create page: 0.159 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup