Page 44 - 30NOV2018E
P. 44
TECHNOLOGY
connected by hubs (WIFI). Active on one point — about one-third correct host is also ensured in such
sniffing launches Address Resolu- smartphone users have problems cases.
tion Protocol (ARP) spoofing; traf- with insecure communication or In a normal situation, a host
fic flooding attack against a switch WIFI. In many mobile Applications, gets the data intended for it. It will
in order to capture traffic. Passive data storage is not secure; authori- never receive data intended for
sniffing is hard to detect. The active sation controls are not secure too. another host. However, the sniffer
one is detectable. Then what happen? In normal can receive data not intended for it.
In cases of hubs or wireless me- cases, any system will read and And here Address Resolution Pro-
dia (WIFI), all hosts on the network respond to the traffic sent directly to tocol (ARP) plays a major role while
can see all traffic; it makes the life the MAC address. However, chang- data travel over the network.
of sniffer much easier. A passive ing the Network Interface Card
sniffer can capture traffic going to (NIC) to promiscuous mode changes How does ARP work?
and from all hosts connected via the the game altogether. To reach one host, another host
wireless media. Many hacking tools change the needs the MAC address; although
Almost every smartphone, system-dependent NIC to promis- IP address is the first necessity. ARP
somehow or other uses WIFI. My cuous mode. In promiscuous mode, translates the IP address to the MAC
mother uses it too and probably NIC reads all traffic and sends it to address to help the host to get to
your mothers. They simply hate the sniffer. Many hacking tools also the proper address. If the host has
the idea of using a desktop or lap- incorporate specially designed pro- a past conversation record with
top connected to Internet through another host, it first searches its
LAN and cable. They seem horrible ARP cache to find out the MAC
to them. When mobile apps address. If it has not done that, it
asks for the IP address first through
use third-party
Mobile banking kicks However, LAN connections are Application the ARP broadcast.
always more secure than WIFI.
What attacker does is apparently
Why? The switch works in a differ-
simple. It sends a fake or spoofed
Programming
ARP message to the Ethernet LAN.
ent way. It sends data according to
off in style! the MAC address (the hardware or Interface to These frames contain false MAC ad-
dresses that are enough to confuse
physical address of the computer). It
communicate
is much organized and it maintains
the network devices like switches. It
a MAC table of all systems and port
ternatively, it can be sent to the un-
numbers to which it is connected. over the network, allows the packets to be sniffed. Al-
For this reason, the switch is always it is always scarier reachable addresses that you know
About one-third of the ecently, I have been get- researchers find security flaws in safer than hubs or WIFI. However, as one has no as denial of service (DoS) attack. We
smartphone users, ting a little bit of tremu- mobile applications almost every it is not totally foolproof. Using control over it call it ARP spoofing or poisoning.
lous. I can remember
Search common vulnerabilities
span port or port mirroring may
other day.
especially in mid 50s have the excitement when My mother does not understand enable all data to be duplicated to of mobile applications over the
problems with insecure R my mother had first dis- host-to-host network communi- another port. Protocols are always miscuous mode driver that facili- Internet. You will find tons of
reports. When mobile Applications
covered the Mobile Banking App on cation. She does not care about
susceptible to sniffer if they are not
communication or WIFI. her smartphone. It was a great relief how data travel over a network, encrypted. Unfortunately, most of tates the sniffing process. use third-party Application Pro-
Options such as data that she did not have to go to the she hardly cares about the old OSI the smartphone users do not use gramming Interface (API) to com-
storage or authorisation bank anymore. She used to get stuck model which has seven layers of proper encryption or use broken Dissecting technical details municate over the network, it is
encryption. Using a sniffer you can
data communication. She cares a fig
When data travels over the net-
always scarier. You have no controls
in the serpentine queue to with-
controls are not secured in draw money. That was a headache. about the sniffer tools easily avail- easily capture protocols such as work, the header information is over those APIs. You never know
many mobile banking Now, she transfers money, buys able for obtaining important infor- HTTP, POP3, Simple Network Man- added to the beginning of the data. what types of vulnerabilities they
are adding to your smartphone. So
There are two types of header data
mation sent from a target system.
agement Protocol (SNMP), and FTP.
anything or make payments in the
applications. Question is grocery store in the blink of an eye. However, we, professional pen- Username and passwords can also — an IP header contains source and the risk is high.
whether Mobile Banking It is super cool and super hot at etration testers really care a damn be extracted from sniffing. destination IP addresses and the I have convinced my mother to
Once I had tried to explain these
is really safe? the same time. And, things started and have probably become con- little facts to my mother and she MAC header contains the source keep a minimum amount of balance
in her savings account. What can I
cerned about these little technical
and destination MAC addresses. IP
to get alarming. Am I a Goliath frog
SANJIB SINHA writes belonging to the Jurassic age? Am facts. stood up, anger rising, and I stopped addresses are necessary for rout- do? She finds mobile banking very
I blind as a bat, not able to see the Two types of sniffing are there – quickly. I sensed she could throw ing traffic to the correct IP network. easy. It’s actually easy and surpris-
headway in mobile technology? Or passive and active. Passive sniffer the book she was reading. But, be- MAC addresses assure one thing — ingly scary at the same time!
as an ethical hacker, I have become listens to and captures traffic. It lieve me, this threat is looming up the data is sent to the correct des-
fidgety and uneasy just because the is especially useful in a network out of the dark. Researchers agree tination network. Delivery to the LETTERS@TEHELKA.COM
TEHELKA / 30 NOVEMBER 2018 44 WWW.TEHELKA.COM TEHELKA / 30 NOVEMBER 2018 45 WWW.TEHELKA.COM
44-45 Sanjib Sinha.indd 2 11/16/2018 10:38:52 AM 44-45 Sanjib Sinha.indd 3 11/16/2018 10:38:58 AM
