Presentation on theme: "DNS Attack Dalia Solomon. CONFIGURATION KNOPPIX SDT STD stands for security tools distribution A bootable CD with Linux OS, Linux kernel 2.4.2 STD focuses."— Presentation transcript:
KNOPPIX SDT STD stands for security tools distribution A bootable CD with Linux OS, Linux kernel 2.4.2 STD focuses on information security and network management tools.
Step I Laptop A Was booted from CD drive, with Knoppix STD. Laptop B Runs Ethereal 0.10.3.
Step II On laptop A, I type the following command: arpspoof –i eth0 192.168.0.3 Arpspoof intercepts packets on a switched LAN
What actually happens? Laptop A, constantly sends laptop B, ARP replies ARP saying: MAC address (00-0c-29- df-af-9b) belongs to the IP of the DNS server (192.168.0.3) laptop B, makes a wrong entry in his ARP cache
Result….. Laptop B wants to send an IP packet to the DNS server it sends the Ethernet frame to Laptops A MAC address, so actually laptop A gets the IP packet.
Note when I type the command (on Laptop B): arp -a Shows us the local machines arp table Table gives the machine a set of remembered MAC addresses for IP address Reason does not need to repeatedly broadcast to find this information for each network transmission.