Presentation is loading. Please wait.

Presentation is loading. Please wait.

DNS POISONING + CENSORSHIP LAB DUSTIN VANDENBERG, VIPUL AGARWAL, LIANG ZHAO 1.

Published byLoraine Lester Modified over 9 years ago

Similar presentations

Presentation on theme: "DNS POISONING + CENSORSHIP LAB DUSTIN VANDENBERG, VIPUL AGARWAL, LIANG ZHAO 1."— Presentation transcript:

1 DNS POISONING + CENSORSHIP LAB DUSTIN VANDENBERG, VIPUL AGARWAL, LIANG ZHAO 1

2 OUR LAB 1. Background Information 2. Reconnaissance 3. Control System 4. Redirection 5. Exploit 6. Context 2

3 1. BACKGROUND INFORMATION Domain Name System (DNS) DNS Attacks Wireshark Socket Programming Proxies 3 Combination of explanation and sources DNS Architecture The Hosts File and What it can do for you Decrypting SSL traffic with Wireshark and ways to prevent it Traffic Analysis with Wireshark Using Wireshark to Decode SSL/TLS Packets Investigation of DHCP Packets using Wireshark Wireshark Lab: DNS Wireshark User’s Guide Man in the Middle

4 1. BACKGROUND INFORMATION (CONT.) DOMAIN NAME SYSTEM (DNS) 4 Internet: Authoritive DNS Servers Resolver: gethostbyname(www.microsoft.com) Server: www.microsoft.com is 1.2.3.4 Caching DNS Server dns.microsoft.com dns.hacker.com Client

5 1. BACKGROUND INFORMATION (CONT.) DNS ATTACKS DNS Cache Poisoning Rogue DNS Server DNS Amplification Attack 5 This is what we use in the lab These are just given as examples for further study

6 1. BACKGROUND INFORMATION (CONT.) WIRESHARK Packet Capture Packet Analysis 6 Source: http://files.filecluster.com/media/screens/33832.jpg

7 1. BACKGROUND INFORMATION (CONT.) SOCKET PROGRAMMING Sockets -> Network Connections in Java 7 Out In Out In Connection Sockets

8 8 1. BACKGROUND INFORMATION (CONT.) PROXIES (MAN-IN-THE-MIDDLE) www.Microsoft.com Proxy (Evil?) Client Microsoft www.Microsoft.com HTML We want control of this power

9 2. RECONNAISSANCE What is our target website? How is the target accessing that website? Ports, Protocols, Proxies, Network Setup How can we become a man-in-the-middle? 9 Source: http://bahansen.info/wp-content/uploads/2014/01/6a00e008d95770883400e54f354d4b8834-800wi.jpg

10 3. CONTROL SYSTEM What happens once we are a man-in-the-middle? We have to create that proxy functionality 10 DEMO!

11 4. REDIRECTION We now must take control of the traffic Examples: Hosts file redirection, configure router 11 DEMO! (Another)

12 5. EXPLOIT Have fun with this power! 12 DEMO! (Yet Another) …surprise, surprise

13 6. CONTEXT Reflection on what this actually accomplished Limitations of our methods Ways to improve How this is used in the real world 13

14 THANK YOU! QUESTIONS/COMMENTS 14

Download ppt "DNS POISONING + CENSORSHIP LAB DUSTIN VANDENBERG, VIPUL AGARWAL, LIANG ZHAO 1."

Similar presentations

Review iClickers. Ch 1: The Importance of DNS Security.

Review iClickers. Ch 1: The Importance of DNS Security.
SSL Man-in-the-Middle Attack over Wireless Vivek Ramachandran

SSL Man-in-the-Middle Attack over Wireless Vivek Ramachandran
1 Address Resolution Protocol (ARP) Relates to Lab 2. This module is about the address resolution protocol.

1 Address Resolution Protocol (ARP) Relates to Lab 2. This module is about the address resolution protocol.
Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.

Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.
VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By : Shrinivas G. Deshpande Advisor: Dr. Chung E.

VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By : Shrinivas G. Deshpande Advisor: Dr. Chung E.
Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.

Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.
Final Presentation Topics 1) Firewalls 1) Firewalls 2) Virtual Private Networks 2) Virtual Private Networks 3) Secure Socket Layer 3) Secure Socket Layer.

Final Presentation Topics 1) Firewalls 1) Firewalls 2) Virtual Private Networks 2) Virtual Private Networks 3) Secure Socket Layer 3) Secure Socket Layer.
Objectives Install, configure, and troubleshoot DNS

Objectives Install, configure, and troubleshoot DNS
S. Stamm, Z. Ramzan, and M. Jakobsson Presented by Anh Le.

S. Stamm, Z. Ramzan, and M. Jakobsson Presented by Anh Le.
DNS Poisoning Attacks November 2005 John (Jenya) Neystadt Security Test Lead Microsoft Israel R&D.

DNS Poisoning Attacks November 2005 John (Jenya) Neystadt Security Test Lead Microsoft Israel R&D.
Internet: Authoritive DNS Servers Resolver: gethostbyname(www.microsoft.com) Server: www.microsoft.com is 1.2.3.4 Client Caching DNS Server.

Internet: Authoritive DNS Servers Resolver: gethostbyname( Server: is Client Caching DNS Server.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 13: Troubleshoot TCP/IP.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 13: Troubleshoot TCP/IP.
CLIENT / SERVER ARCHITECTURE AYRİS UYGUR & NİLÜFER ÇANGA.

CLIENT / SERVER ARCHITECTURE AYRİS UYGUR & NİLÜFER ÇANGA.
Lesson 17 – UNDERSTANDING OTHER NETWARE SERVICES.

Lesson 17 – UNDERSTANDING OTHER NETWARE SERVICES.
1 Web Content Delivery Reading: Section 9.2.2 and 9.4.3 COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:

1 Web Content Delivery Reading: Section and COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:
Viruses, Phishing and Pharming Megan, Matt, Rishi.

Viruses, Phishing and Pharming Megan, Matt, Rishi.
Windows Server 2008 Chapter 8 Last Update 2012.05.31 1.0.0.

Windows Server 2008 Chapter 8 Last Update
Wireshark and TCP/IP Basics ACM SIG-Security Lance Pendergrass.

Wireshark and TCP/IP Basics ACM SIG-Security Lance Pendergrass.
Test Review. What is the main advantage to using shadow copies?

Test Review. What is the main advantage to using shadow copies?
1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.

1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.

Similar presentations

Ads by Google