Download "On-path Attacks - N10-008 CompTIA Network+ : 4.2"

"videoThumbnail On-path Attacks - N10-008 CompTIA Network+ : 4.2

0:03

On-path network attack

1:12

ARP poisoning (spoofing)

5:00

DNS spoofing / poisoning

6:12

Other on-path attacks

Copper Cabling - N10-008 CompTIA Network+ : 1.3

Copper Cabling - N10-008 CompTIA Network+ : 1.3

Channel: Professor Messer

network+

network+ professor messer

network+ certification

network+ training

network+ exam

network+ n10-008

network+ course

comptia network+

professor messer

certification

information technology

comptia certification

network plus

comptia network full course

n10-008

on-path

arp poison

arp spoofing

dns spoofing

session hijacking

00:00:01

when we communicate to a web server

00:00:04

we're usually assuming that our local

00:00:06

workstation and the web server are the

00:00:08

only two devices involved in this

00:00:10

conversation but attackers have realized

00:00:13

if they can get in the middle of this

00:00:14

conversation they can not only see what

00:00:17

you may be sending back and forth but

00:00:19

they may be able to modify it as it's

00:00:21

being sent across the network we used to

00:00:24

refer to this as a man-in-the-middle

00:00:26

attack you'll commonly see it now

00:00:28

referred to as an on path attack an on

00:00:31

path attack works by having an attacker

00:00:33

sit in the middle of the conversation

00:00:36

and they can redirect the traffic as

00:00:38

you're sending it back and forth to

00:00:39

another device from your perspective

00:00:42

everything's working normally you're

00:00:43

sending information out to the web

00:00:45

service and the web service is sending

00:00:47

information back to you you have no idea

00:00:49

that in the middle of this conversation

00:00:51

is a third party who's intercepting that

00:00:54

communication

00:00:55

on a local subnet one simple way to have

00:00:57

an on path attack is through the use of

00:01:00

arp poisoning arp is the address

00:01:02

resolution protocol and because there's

00:01:04

no security built in to arp we're able

00:01:07

to manipulate where certain devices can

00:01:10

send traffic let's look at how arp works

00:01:13

on a normal network configuration let's

00:01:15

say we've got a laptop and it needs to

00:01:17

communicate outside of our subnet so it

00:01:20

needs to find the mac address of the

00:01:22

local router the only thing this laptop

00:01:25

knows is that the local router's ip

00:01:26

address is 192.168.1.1

00:01:30

so your laptop will send a broadcast to

00:01:32

all devices on the network this

00:01:34

broadcast has a single message inside of

00:01:37

it that says if you happen to be

00:01:39

192.168.1.1

00:01:42

please respond back with your mac

00:01:44

address obviously our router is on this

00:01:47

network it does have the ip address of

00:01:50

192.168.1.1

00:01:52

so it's going to respond back to that

00:01:54

arp request saying that i am 192.168.1.1

00:01:59

and here is the mac address associated

00:02:02

with my ip address

00:02:04

when your laptop receives that message

00:02:06

it makes a note of that mac address and

00:02:08

stores it into a local cache this means

00:02:11

that it doesn't have to keep sending out

00:02:13

an arp request every time it wants to

00:02:15

communicate to 192.168.1.1

00:02:19

it simply uses the mac address that

00:02:21

already exists within its cache

00:02:23

on most networks this is the process

00:02:25

that occurs whenever a device needs to

00:02:27

communicate to a third party and if you

00:02:29

look at the local arp cache on your

00:02:31

computer you'll find a number of local

00:02:33

ip addresses and the mac addresses

00:02:35

associated with those but an

00:02:37

enterprising attacker can also take

00:02:39

advantage of this let's say that we have

00:02:41

an attacker on this network of

00:02:42

192.168.1.14

00:02:45

and you can see the mac address

00:02:47

associated with this device of aabb cc

00:02:51

ddeff

00:02:53

if this attacker would like to get into

00:02:54

the middle of this conversation it can

00:02:57

simply pretend to be the router so the

00:02:59

attacker will send out an unsolicited

00:03:01

arp response that says i am

00:03:05

192.168.1.1 which normally would be

00:03:07

associated with the router and my mac

00:03:09

address is the mac address associated

00:03:11

with the attacker's device or

00:03:13

aabbccc ddeff

00:03:17

when that arp response is received by

00:03:19

the laptop the laptop says oh the arp

00:03:22

has changed something that's different

00:03:24

let me update my arp cache which has the

00:03:27

same ip address but you can see now that

00:03:29

the arp cache has a completely incorrect

00:03:32

or spoofed mac address

00:03:34

this attacker can perform that same arp

00:03:36

poisoning to the router and now

00:03:38

everything that is sent back and forth

00:03:40

between these devices must pass through

00:03:42

the attacker's device

00:03:45

if you want to perform an on path attack

00:03:47

to devices that are not on your network

00:03:49

one way that you could do this is

00:03:51

through the use of dns poisoning where

00:03:53

you modify the entries that are inside

00:03:55

the dns server this obviously requires

00:03:58

someone have the skills to be able to

00:04:00

break into the dns server and make that

00:04:02

change but if you can modify those dns

00:04:05

files you can redirect people to

00:04:07

whatever i p address you'd like

00:04:10

if you're trying to change where one

00:04:11

particular device may be communicating

00:04:13

you don't have to change the dns server

00:04:15

you can simply modify the local host

00:04:17

file that's on that particular client

00:04:20

this usually causes antivirus and

00:04:22

anti-malware systems to throw a message

00:04:25

saying that someone's trying to

00:04:26

manipulate one of these very important

00:04:28

files that are on your system but if you

00:04:30

can find a way to modify that client's

00:04:32

host file you can effectively redirect

00:04:34

it to any ip address you'd like and a

00:04:37

third way to poison a dns conversation

00:04:39

is to simply send fake response to dns

00:04:42

requests that are being made normally

00:04:44

we're expecting a dns response to come

00:04:46

back from the dns server but if someone

00:04:48

can sit in the middle of the

00:04:50

conversation they can block the

00:04:51

legitimate dns reply and send their own

00:04:55

dns reply with whatever information

00:04:57

they'd like

00:04:59

let's take the first example where

00:05:00

someone modifies the configuration of an

00:05:03

existing dns server you can see that

00:05:06

professormesser.com is configured in

00:05:07

this dns server with 162.1

00:05:13

and when a user makes a dns query to the

00:05:15

dns server asking for the ip address of

00:05:18

professormesser.com

00:05:20

that information is provided back to the

00:05:21

user and that ip address is saved in the

00:05:24

local dns cache on that user's computer

00:05:27

a skilled attacker however could gain

00:05:29

access to the dns server and change what

00:05:32

configurations may be inside of that

00:05:34

service so it might change the ip

00:05:37

address of professormesser.com

00:05:39

to be 100.100.100.100

00:05:42

which by the way also matches the ip

00:05:44

address of the attacker we're assuming

00:05:47

that the attacker would like all of the

00:05:49

messages that would normally be sent to

00:05:51

professormesser.com to be sent to the

00:05:53

hacker's device instead this means that

00:05:56

any subsequent requests to the dns

00:05:58

server will be responded back with the

00:06:00

poisoned or spoofed ip address and

00:06:03

everyone else who tries to gain their ip

00:06:05

address from that service will end up

00:06:07

getting the ip address of the attacker

00:06:10

there are many different ways for an

00:06:12

attacker to gain access into these

00:06:14

conversations and perform an on path

00:06:16

attack you might see session hijacking

00:06:19

https spoofing or something as easy as

00:06:22

eavesdropping over the wi-fi connection

00:06:24

to cause this on path attack

00:06:27

in almost all of these situations you

00:06:29

can avoid these types of on-path attacks

00:06:32

by simply using encryption if the

00:06:35

attacker can't see the information

00:06:37

contained within the packets then

00:06:38

obviously your data will remain safe and

00:06:41

an encryption connection can't be

00:06:42

modified so an attacker would not have a

00:06:45

way to inject their own data into your

00:06:47

existing data flows

Description:

Network+ Training Course Index: https://www.professormesser.com/network-plus/n10-008/n10-008-video/n10-008-training-course/ Professor Messer’s Course Notes: https://www.professormesser.com/n10-008-success-bundle/ Discount exam vouchers: https://www.professormesser.com/vouchers/ - - - - - If an attacker can get into the middle of a conversation, they can effectively read and modify all network communication. In this video, you’ll learn about on-path attacks and how to prevent them. - - - - - Subscribe to get the latest videos: https://www.youtube.com/user/professormesser?sub_confirmation=1 Calendar of live events: https://www.professormesser.com/calendar/ Frequently Asked Questions: https://www.professormesser.com/faq/ FOLLOW PROFESSOR MESSER: Professor Messer website: https://www.professormesser.com/ Twitter: https://professormesser.com/twitter/ Facebook: https://professormesser.com/facebook/ Instagram: https://professormesser.com/instagram/ LinkedIn: https://professormesser.com/linkedin/

Preparing download options

Popular

HD video

Only sound

All

* — If the video is playing in a new tab, go to it, then right-click on the video and select "Save video as..."

** — Link intended for online playback in specialized players

Questions about downloading video

How can I download "On-path Attacks - N10-008 CompTIA Network+ : 4.2" video?

http://unidownloader.com/ website is the best way to download a video or a separate audio track if you want to do without installing programs and extensions.
The UDL Helper extension is a convenient button that is seamlessly integrated into YouTube, Instagram and OK.ru sites for fast content download.
UDL Client program (for Windows) is the most powerful solution that supports more than 900 websites, social networks and video hosting sites, as well as any video quality that is available in the source.
UDL Lite is a really convenient way to access a website from your mobile device. With its help, you can easily download videos directly to your smartphone.

Which format of "On-path Attacks - N10-008 CompTIA Network+ : 4.2" video should I choose?

The best quality formats are FullHD (1080p), 2K (1440p), 4K (2160p) and 8K (4320p). The higher the resolution of your screen, the higher the video quality should be. However, there are other factors to consider: download speed, amount of free space, and device performance during playback.

Why does my computer freeze when loading a "On-path Attacks - N10-008 CompTIA Network+ : 4.2" video?

The browser/computer should not freeze completely! If this happens, please report it with a link to the video. Sometimes videos cannot be downloaded directly in a suitable format, so we have added the ability to convert the file to the desired format. In some cases, this process may actively use computer resources.

How can I download "On-path Attacks - N10-008 CompTIA Network+ : 4.2" video to my phone?

You can download a video to your smartphone using the website or the PWA application UDL Lite. It is also possible to send a download link via QR code using the UDL Helper extension.

How can I download an audio track (music) to MP3 "On-path Attacks - N10-008 CompTIA Network+ : 4.2"?

The most convenient way is to use the UDL Client program, which supports converting video to MP3 format. In some cases, MP3 can also be downloaded through the UDL Helper extension.

How can I save a frame from a video "On-path Attacks - N10-008 CompTIA Network+ : 4.2"?

This feature is available in the UDL Helper extension. Make sure that "Show the video snapshot button" is checked in the settings. A camera icon should appear in the lower right corner of the player to the left of the "Settings" icon. When you click on it, the current frame from the video will be saved to your computer in JPEG format.

What's the price of all this stuff?

It costs nothing. Our services are absolutely free for all users. There are no PRO subscriptions, no restrictions on the number or maximum length of downloaded videos.