To make it more clear we will see some cases: An independent team, which connects to the Internet through a modem will have the IP assigned by your ISP and factory MAC brings the modem. The MAC address is “recorded” in each connecting device (Cards of red, routers, modems…) and in theory should not be 2 equal in the world, until recently it was assumed that they could not change and since not long ago there are techniques to change them (not always). The IP address is the type of X.X.X.X and serves to distinguish one computer from another when these are connected (an isolated computer, that is to say, without any connection, also has IP, is the 127.0.0.1). Now the team sniffer 3 no longer useless.Įach computer connected to a network / internet, has (at least) an IP address and each connection device has a MAC address. If our mini-grid had a switch and not a hub operation would be different, in the same situation as before, the team request 1 would switch to the, but this would send only the team 2, since it is addressed to him (This is the difference with the hub), and the 3 You would not know anything. In this situation, a person in the team 3 you can use a sniffer, and leave the listener, This way you can see all the information exchanged equipment 1 Y 2, because you will see in the sniffer all those packages were not for the, but for the team 2. Suppose we have a mini-grid (LAN) with 3 equipment, like many individuals, small companies, etc, connected to a hub three, If the team 1 You want to open a folder (or share) of the team 2, the request to enter that folder leaves the team 1, It goes to the hub and this sends the team 2 Y 3, But the request was for the team 2, he 3 when you receive it simply ignores, and the 2 he will receive and answer, and the answer will happen the same. There are many types of networks, between them, which connect computers through a hub and those that do through a switch. These topics can be very technical, but as always, and that everyone understands, I will not go into deep explanations about the arp, sniff, network topologies etc.… just I try to demonstrate how easy it could be an attack theoretically advanced, but today anyone can make, that is to say, anyone can pose a danger to our security.īefore we dive with ettercap, we will introduce some small concepts that may help you understand what this is all about. I know that many of you will you are afraid to linux, but you know that sooner or later you will have to atreveros, And what better time?, because the ettercap works under linux, but if you prefer I go pensandotelo, You can also install Windows, with the help of cygwin, But we will talk about this later. I have chosen the “ettercap” Besides because I consider it one of the best tools you can find to intercept connections, because I think that after TONTETE would make 3 Super manuals on the subject (Redes y sniffers, Arp-spoof, foundation and practice, Manual on technical “Man In The Middle” ), of what “moebius” write an article on the “ dsniff ” (for linux), published in the journal “hackxcrack” N✡1, and that “Vic_Thor” explain how to use the “ Cain ” (Windows) to intercept network traffic by arp poisoning ( ) I think he has come to turn “Ettercap” and how pretty I do makes a text of this kind… it's already touching me □ In this article I will try to explain (above) how to use the program “ Ettercap “. Every day more popular techniques sniffing, arp-spoof, dns-spoof, man in the middle, etc, but there are many who believe they are reserved for network guru, and until recently it was so, but in this as in all, over time, Internet has made it possible tools that make what once was very quickly develop compicado, Now it is child's play (I'm not sure if that's good or bad).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |