30 July 2011

Spoof ARP and ICMP ECHOREPLY Using Linux Socket Filter

Download ARP and ICMP spoof code from here.
# gcc icmp_spoof.c -o icmp
# ./icmp eth0
Opening raw socket
Got raw socket fd 3
Fake MAC address is 00:aa:bb:cc:dd:ee
Created raw socket
Sent ARP reply: 192.168.109.5 is 00:0c:29:98:4f:5b
Received ICMP ECHO from 192.168.109.1 (code: 0 id: 512 seq: 27178)
Received ICMP ECHO from 192.168.109.1 (code: 0 id: 512 seq: 27434)

Reference:
http://blog.fpmurphy.com/2011/01/spoof-arp-and-icmp-echoreply-using-linux-packet-filter.html

20 July 2011

VLAN Advanced

On a large, flat, switched network with thousands of computers, performance suffers and security concerns increase.

Using VLANs to divide a growing network can help with manageability, performance and security.

The VLAN structure makes it easier for administrators to manage network resources. Users can be grouped logically with the resources (servers, printers, etc.) that they need. When a user's computer physically moves to a different location (for example, with a laptop computer), the VLAN management software can recognize the computer and automatically assign it to the VLAN to which it's supposed to belong.

VLANs reduce the need to have routers deployed on a network to contain broadcast traffic. VLANs are separated by switches that divide the network into multiple broadcast domains, to reduce the amount of traffic going to all devices and thus increase performance.

By confining the broadcast domains, end-stations on a VLAN can be isolated from listening to or receiving broadcasts not intended for them. Moreover, if a router is not connected between the VLANs, the end-stations of a VLAN cannot communicate with the end-stations of the other VLANs.


Reference:
http://thebestechblog.blogspot.com/2009/06/vlan.html
http://www.frokwon.net/essays/VLAN.htm
http://net21.ucdavis.edu/newvlan.htm
http://www.techrepublic.com/article/scaling-your-network-with-vlans/5779489

wpa_passphrase

WPA-PSK uses a pre-shared key, given either as a passphrase of 8 to 63 printable ASCII characters or as a string of 64 hexadecimal digits.

If ASCII characters are used, the 256-bit key is calculated by applying the PBKDF2 key derivation function to the passphrase, using the SSID as the salt and 4096 iterations of HMAC-SHA1.

wpa_passphrase is a utility for generating a 256-bit pre-shared WPA key from an ASCII passphrase. You can download wpa_passphrase.tar.gz from here.
# tar xzvf wpa_passphrase.tar.gz
# make
# ./wpa_passphrase humble mypassword
network={
ssid="humble"
#psk="mypassword"
psk=aa382e1c4ac62580c25ee2b33a1cf6179176baad4a5cffc43be9c8d2b103f4aa
}
The AP can be configured with either the ASCII passphrase or the 64 hex digits, which lets a Windows client use either form of the key.
For home and small office networks, the preferred authentication method is WPA2-Personal, which also uses CCMP, an AES-based encryption protocol.
Each wireless network device authenticates with the access point using the same 256-bit key.
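
The derivation described above, as an added Python example (not the code of the wpa_passphrase utility). The function names wpa_psk and network_block are made up for this sketch, and the 1 to 32 byte SSID limit is an assumption taken from the 802.11 SSID field size. It accepts both key forms: a passphrase is run through PBKDF2, and 64 hex digits are used as the key directly.

```python
import hashlib
import string

HEX_DIGITS = set(string.hexdigits)


def wpa_psk(ssid: str, key: str) -> str:
    """Return the 256-bit WPA pre-shared key as 64 lowercase hex digits."""
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")

    # Form 2: 64 hex digits already are the key, no derivation is applied.
    if len(key) == 64 and set(key) <= HEX_DIGITS:
        return key.lower()

    # Form 1: passphrase of 8 to 63 printable ASCII characters.
    if not 8 <= len(key) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in key):
        raise ValueError("passphrase must be printable ASCII")

    # PBKDF2, HMAC-SHA1, SSID as salt, 4096 iterations, 32-byte output.
    raw = hashlib.pbkdf2_hmac("sha1", key.encode("ascii"), ssid_bytes,
                              4096, dklen=32)
    return raw.hex()


def network_block(ssid: str, key: str) -> str:
    """Build a network block like the one printed by wpa_passphrase.

    The commented-out plaintext passphrase line is left out on purpose,
    so only the derived key ends up in the configuration file.
    """
    return 'network={\n\tssid="%s"\n\tpsk=%s\n}' % (ssid, wpa_psk(ssid, key))


if __name__ == "__main__":
    # Same SSID and passphrase as the wpa_passphrase run above.
    print(network_block("humble", "mypassword"))
```

Because the SSID is the salt, the same passphrase yields a different key on a network with a different SSID.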

Reference:
http://www.hautespot.net/wpapsk.html
http://fuse4bsd.creo.hu/localcgi/man-cgi.cgi?wpa_passphrase+8