PaulDotCom mailing list archives
Man-in-the-middle awareness....(+defcon17)
From: chris.biettchert at gmail.com (Chris Biettchert)
Date: Thu, 4 Jun 2009 17:12:20 -0700
When you are on a public network, you should assume that it is monitored and that your packets are being mangled. Do yourself a favor and setup openvpn. On Thu, Jun 4, 2009 at 1:59 PM, stephen r. moore <moore.steve at gmail.com>wrote:
Brian / Adrian, You might want to look into XArp 2. There is a free beta version. We almost included it in a class I help put together, but we ran out of time/space. The full version is $31. http://www.chrismc.de/ Cheers, Steve On Tue, Jun 2, 2009 at 9:34 PM, Brian H <binarynomad at gmail.com> wrote:[REPOST APOLOGY]: Sorry if this is a repost, I never saw my original message hit the list, so I'm trying again. I just finished watching Adrian's "Hacker Con WiFi Hijinx Video: Protecting Yourself On Potentially Hostile Networks " which was fun, and I was happily surprised to see he had started development of an user end IPS "DecaffeinatID". It reminded me of the "Hot Spot Defense Kit" from the Shmoo group. Ever since I saw it during a Defcon presentation, I loved it and I thought it should pretty much be a standard install with any wireless workstation. Sadly no development seems to have gone past that proof of concept. It was useful for Tiger installs, but nothing since. With the advent of so many MiTM tools out there, it seems that there are so few defensive ones. I'm not a programmer, but it just seems so surprising that more of these haven't been developed. I realize that ARP is only one attack vector, and that DNS and DHCP spoofing can also be employed, but this just seems to be the easy, low hanging fruit that hasn't been picked off yet. One's I know of: - Windows - decaffeinatid - beta development - promising outlook - Macintosh - Hot Spot Defense Kit (HSDK) - no development - Broken in Leopard (10.5) - Macintosh - ArpSpyX - current development? - just found it, have yet to test - Linux - Arpwatch - current development - basic command line, not widget/desktop friendly What are your experiences on host based protection from MiTM attacks? Also, speaking of hostile networks, how many people are heading to Defcon17? Any possibilities for a meet up? ---- Brian H binarynomad at gmail.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090604/fd3fd955/attachment.htm
Current thread:
- Man-in-the-middle awareness....(+defcon17) Brian H (Jun 02)
- Man-in-the-middle awareness....(+defcon17) Adrian Crenshaw (Jun 02)
- Man-in-the-middle awareness....(+defcon17) Adrian Crenshaw (Jun 04)
- Man-in-the-middle awareness....(+defcon17) stephen r. moore (Jun 04)
- Man-in-the-middle awareness....(+defcon17) Chris Biettchert (Jun 04)
- Man-in-the-middle awareness....(+defcon17) Adrian Crenshaw (Jun 02)