April 15

Webinar Takeaway: No SPAN Port? No Tap? No Problem!

0  comments

My key takeaways

  • setting up security in home network is no easy job
  • no tap port? Think ARP cache poisoning
  • don’t run it on a production network!
  • Put RITA and Bettercap on a Raspberry Pi
  • Bettercap is able to do full duplex ARP cache poisoning
    • have to enable it in the config
    • you can whitelist devices as well
  • Re-configure the default gateway to the sniffing device avoids alot of the probs but is harder to do. Using a simple device for ARP cache poisoning is almost plug’n play.
  • all you need is one network adapter

Env

additional links


Tags

blue team, firewall, home network


You may also like

Webinar takeaway – Malware of the Day

Webinar takeaway – Malware of the Day

Webinar takeaway – How to Detect and Respond to Business Email (M365) Compromise

Webinar takeaway – How to Detect and Respond to Business Email (M365) Compromise
{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}