Hot Downloads

Zoho NetFlow
×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
Forgot your password? Forgot your username?
Forum
Networking, Security & Administration
Firewall Filtering, IDS/IPS & Security
demonstrating an attack
  • Page:
  • 1

TOPIC: demonstrating an attack

demonstrating an attack 11 years 8 months ago #25070

  • sose
  • sose's Avatar Topic Author
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 814
  • Karma: 3
  • Thank you received: 4
I am a networking instructor in an IT training insttute in Nigeria and want to demonstrate a man in the middle attack for my students aka ARP poisoning.

I downloaded an etercap, some other network sniffers and cain and abel.

1. I want a methodology to the experiment
2. I am goint to be using a window xp platform of three xp boxes connected to a switch

thanks

Re: demonstrating an attack 11 years 8 months ago #25071

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1390
  • Karma: 1
  • Thank you received: 0
All you need to acheive this is Cain and Abel, it should be simple to demonstrate from there.

I would setup a Windows 2003 server with IIS and switch on Authentication.

Then have a Windows XP host that you will use to connect to the IIS (with username/password)

Then have a Windows XP machine with Cain and Abel installed. Setup the Arp Poisoning within Cain and get someone to access the Webserver. Cain will capture the authentication attempt and will do the password crack (if NTLM) or its much simpler if its just clear text.

Cheers

Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.

Re: demonstrating an attack 11 years 8 months ago #25080

  • sose
  • sose's Avatar Topic Author
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 814
  • Karma: 3
  • Thank you received: 4
ok , its quite simple. but I intend to use an xp OS as the server since it has some server capability

thanks

Re: demonstrating an attack 11 years 8 months ago #25082

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1390
  • Karma: 1
  • Thank you received: 0
Should be ok also since it will have HTTP Server functionality, principle will still be the same.

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.

Re: demonstrating an attack 11 years 8 months ago #25093

  • sose
  • sose's Avatar Topic Author
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 814
  • Karma: 3
  • Thank you received: 4
thanks
smurf you are the man
  • Page:
  • 1
Forum
Networking, Security & Administration
Firewall Filtering, IDS/IPS & Security
demonstrating an attack
Time to create page: 0.115 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup