The workshop also immerses attendees in the exploitation of vulnerable ICS systems and protocols using tools and methods such as Metasploit, Armitage, John the Ripper, Ettercap
, Wireshark, hex editors, packet injection, etc.
It comprises tools such as: Aircrack-ng, Kismet, Nmap, Ettercap
, Wireshark, wids.
is a free and open source network security tool for man-in-the-middle attacks on LAN.
Would-be miscreants who want to utilize the technique can now simply buy the components "off the shelf' to carry out such an attack by employing ready-made toolkits like Ettercap
, dsniff, and Mallory (a creative use of the classic MitM character's name).
In the second experiment, we have setup man in the middle attack between the trusted client and the server as shown in Figure 5 with the Ettercap
Examples of the tools used are Arpspoof, which redirects packets from a target host on the LAN to the intended host on the same LAN, by forging Address Resolution Protocol replies to the target host; SSLStrip, to hijack HTTP traffic; Ettercap
, a utility for sniffing, intercepting and logging; or Wireshark, a network protocol analyser used as a packet sniffer.
The authors, who are managers at Ernst & Young's advanced security center, discuss Nessus, Ettercap
, Hydra, Nikto, the Metasploit framework, the PMD tool, Linux kernel modules, network sniffers, and packet injectors.