I haven't made any video for more than two weeks. This doesn't mean that I stopped studying for exams. After I finished to study about firewall, I tried to emulate Cisco IDS ( version 6.X). I found very useful articles about it on forums like 7200emu and of course wiki. Yes, now, I can emulate Cisco IDS using GNS3. (Some say that they emulates 6.x on vmware but I couldn't able to emulate it.) After I learned a little bit about IDS I tried to make video but I realized that I don't know anything about real world attacks to demonstrate how IDS works. To make long story short, I change my track and I decided to learn Linux (Because most of the security tools run on Linux) and some useful tools about security before I continue for CCSP IDS. (it is actually not good for me, because CCSP exams are going to be changed and I am not sure that I can find any platform to study new exam topics such as IDS v7)
This video is about ARP poisoning. It is simpler than I thought.
How does Address Resolution Protocol work ?
Imagine we have computers Host A and Host B. We also assume that these computers have never previously communicated.
1- Host A would like to send Host B some data.
2-Host A looks in its ARP Cache and determines if an IP->MAC mapping exists.
3- Because they have never communicated before, a mapping does not exist.
4- Host A sends an ARP Request that says, "Who has the IP of Host B Tell Host A"
5- Host B is listening and replies, "IP B is MAC of B".
6- Host A updates it's ARP table with the IP->Mac mapping.
How does ARP Poisoning works
Well, you can find it in video.
No comments:
Post a Comment