Ettercap

premthacker24 1,966 views 27 slides Oct 14, 2017

About This Presentation

Ettercap is a software tool for man-in-the-middle attacks on a local area network.


Slide Content

Ettercap

What is Ettercap? Ettercap is a free and open source network security tool for man-in-the-middle attacks on a LAN.

First, download Ettercap from https://apps.ubuntu.com/cat/applications/precise/ettercap-graphical/

Then open the GUI by typing “ettercap -G” in a terminal.

Select the network interface. The next step is host scanning. Click the “Hosts” menu and then click “Scan for hosts”. When the scan is finished, click the “Hosts” menu and then click on “Host List”. Start sniffing.

Click on the MITM menu and select ARP poisoning.

Man-in-the-Middle: MITM is named for a ball game where two people play catch while a third person in the middle attempts to intercept the ball.

Man-in-the-Middle (continued): A man-in-the-middle (MITM) attack is a form of eavesdropping where communication between two users is monitored and modified by an unauthorized party.

So, which MITM attacks does Ettercap provide? ARP poisoning, DNS spoofing, DHCP spoofing.

ARP Poisoning: What is ARP? Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network.

How does ARP work? When an incoming packet destined for a host machine on a particular local area network arrives at a gateway, the gateway asks the ARP program to find a physical host or MAC address that matches the IP address. The ARP program looks in the ARP cache and, if it finds the address, provides it so that the packet can be converted to the right packet length and format and sent to the machine. If no entry is found for the IP address, ARP broadcasts a request packet to see if one machine knows that it has that IP address associated with it. A machine that recognizes the IP address as its own returns a reply so indicating. ARP updates the ARP cache for future reference and then sends the packet to the MAC address that replied.

What is the ARP cache? An ARP cache is a temporary database, maintained by a computer's operating system and in switches, that contains records of recent ARP requests and the addresses they resolved to.

Then what is ARP poisoning? Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache with forged ARP request and reply packets. As a result, all the packets are received at the attacker's MAC address, which can violate confidentiality and integrity.

Arp Poisoning Be Like

DNS Spoofing: What do we know about DNS? The Domain Name System (DNS) translates Internet domain names to IP addresses.

How DNS Works?

What is the DNS cache? A DNS cache (sometimes called a DNS resolver cache) is a temporary database, maintained by a computer's operating system, that contains records of all the recent visits and attempted visits to websites and other internet domains.

Example of DNS cache

    docs.google.com
    -------------------------------------
    Record Name . . . . . : docs.google.com
    Record Type . . . . . : 1
    Time To Live . . . . : 21
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 172.217.6.174

DNS Spoofing: DNS spoofing, also referred to as DNS cache poisoning, is a form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver's cache, causing the name server to return an incorrect IP address. This results in traffic being diverted to the attacker's computer (or any other computer).

Example: Suppose a victim wants to open facebook.com, so he types facebook.com into the browser's URL bar. The DNS resolver then looks up facebook.com in the DNS cache. The victim's resolver finds the attacker's IP there and redirects to that IP, and the victim is then attacked through the spoofed DNS entry.

Thank You. Presented by Prem Thakkar. Website: http://www.premthakkar.tk