Syndication24 Sep 2008 - 05:17:35 pm
Beware: Your Email & Bank Passwords can be Hacked!
You may have taken all the necessary precautions to safeguard
yourself against malicious attacks -- antivirus software, firewall,
anti-spyware, and anti-malware, the best email spam filters, and so on.
But there could very well be a chink in your e-armour -- your WiFi or
LAN network.
Under these scenarios you could be susceptible to what is known as an ARP cache poisoning attack. An ARP poisoning is basically when a hacker lies to your machine. It enables local hackers to play around with your data like it's child's play.
ARP, or Address Resolution Protocol is what a network uses to associate an IP address with a device's MAC address. Thus, ARP is what essentially helps connect devices together on a network. Unfortunately, the way this connection works is without any form of authentication. So a device can easily masquerade as another, which of course allows a hacker to associate any device on your network with any IP and MAC address! This also opens up several attack vectors for the hacker such as Denial of Service and MAC flooding. Perhaps, most frighteningly, the hacker can act as a go-between amidst two devices on your network -- intercepting network traffic between the two. These two could very well be your computer and your Internet router. In effect, any communication made between your PC and the outside world can be sniffed at, hacked at, decoded and stolen. (If you are wondering how this can happen: the hacker will essentially make the router think that his computer is your computer, while simultaneously make your computer think that the hacker's PC is your router! Fiendish.)
Now whenever you access the Internet, your PC send all data packets to the hacker's. We don't have to tell you how scary this is.
And it's easy. All you need is a tool called Cain and Abel.
Advantages of this attack:
1. Does not leave a clue.
2. Works on WiFi and LAN networks
3. Can intercept Encrypted traffic
You can assign static IP addresses to your network devices, and also static ARP entires. Under Windows, "ipconfig /all" on the command line will tell you the IP and MAC addresses of every device on your network. Then using the "arp -s" command, you can add static entries for those devices.
You could also use a software tool for the same. Download an application called Anti-ARPSpoof here[ZIP]. The tool basically sets up a static route entry which is a sure-shot solution to prevent this attack. There is another open-source tool available called ArpON which detects and blocks all ARP poisoning and spoofing attacks.
Remember that this is only locally possible. A hacker would need to be either physically present on your network or have control of a machine on your network to be able to carry out this attack.
When you setup a WiFi network at your home, or anywhere else, for that matter, you are inviting trouble. Some of the broadband providers also provide a shared Internet connection with customers in the same building; this too could be another vector for a particularly nasty attack.
Under these scenarios you could be susceptible to what is known as an ARP cache poisoning attack. An ARP poisoning is basically when a hacker lies to your machine. It enables local hackers to play around with your data like it's child's play.
So easy, it's scary
ARP, or Address Resolution Protocol is what a network uses to associate an IP address with a device's MAC address. Thus, ARP is what essentially helps connect devices together on a network. Unfortunately, the way this connection works is without any form of authentication. So a device can easily masquerade as another, which of course allows a hacker to associate any device on your network with any IP and MAC address! This also opens up several attack vectors for the hacker such as Denial of Service and MAC flooding. Perhaps, most frighteningly, the hacker can act as a go-between amidst two devices on your network -- intercepting network traffic between the two. These two could very well be your computer and your Internet router. In effect, any communication made between your PC and the outside world can be sniffed at, hacked at, decoded and stolen. (If you are wondering how this can happen: the hacker will essentially make the router think that his computer is your computer, while simultaneously make your computer think that the hacker's PC is your router! Fiendish.)
Now whenever you access the Internet, your PC send all data packets to the hacker's. We don't have to tell you how scary this is.
And it's easy. All you need is a tool called Cain and Abel.
Advantages of this attack:
1. Does not leave a clue.
2. Works on WiFi and LAN networks
3. Can intercept Encrypted traffic
The solution?
You can assign static IP addresses to your network devices, and also static ARP entires. Under Windows, "ipconfig /all" on the command line will tell you the IP and MAC addresses of every device on your network. Then using the "arp -s" command, you can add static entries for those devices.
You could also use a software tool for the same. Download an application called Anti-ARPSpoof here[ZIP]. The tool basically sets up a static route entry which is a sure-shot solution to prevent this attack. There is another open-source tool available called ArpON which detects and blocks all ARP poisoning and spoofing attacks.
Remember that this is only locally possible. A hacker would need to be either physically present on your network or have control of a machine on your network to be able to carry out this attack.
No Comment for this post yet...