One of the ways to expose our password is trough a man in the middle attack. For example, we login in a hotel while other guests are using ettercap.
One of the possible ways to protect ourselves is adding a static entry in our arp cache, ensuring that we won't be using any gateway other than the one we just introduces. For example, let's put the case we just logged in the hotel wifi and our gateway uses IP 192.168.0.1 and we use wlan1 as interface:
$ sudo arp -a
cm09.sigma24.maxonline.com.sg (18.22.12.59) at 3X:0D:02:20:78:f4 [ether] on wlan1
? (192.168.0.1) at 00:3a:01:de:d5:05 [ether] on wlan1
We will add a static entry, so if someone announces a mac address change for our gateway we won't be following:
$ sudo arp -s 192.168.0.1 00:3a:01:de:d5:05 -i wlan0
Done. With this we will be a bit more secured when traveling and logging in 3rd parties WI-FI.
No comments:
Post a Comment