Top Ad

Saturday, June 22, 2013

Man In The Middle Attack | Blocking Routes On Victim's PC

This is a commonly used method used on networks to cut down the network connection of victim. It makes  a Denial of Service attack on the Victim so that he doesn’t get internet access. It does so by flooding the switch with unreal MAC address entries that point to the victim’s ip address, so the packets are mapped incorrectly and the victim receives no packets. 

Lets understand how it works:
Suppose there is a Desktop PC with:

      Hostname :  C4  
      IP : 10.0.0.81 
      Gateway : 10.0.0.138
We use here 3 tools:
1. Attacking/Blocking
2.Ethereal : To Checks Packets.
3.AntiArp : To monitors and block all incoming and outgoing ARP traffic from / to my pc.
  
First we BLOCK user with LAN IP 10.0.0.10  


On the ethereal, it made 1767 ARP packets in only one minute..!


The AntiArp shows that I ‘m sending fake Mac address to the gateway and I’m disguised as the victim’s IPaddress. (while if we make a man in the middle attack , we can get victims MAC address and set is as our MAC addr and give victim other addr ) .




How to defend against a similar type of attack ?
. AntiArp is a nice tool the defends the MAC Denial of Service attack.