My key takeaways
- setting up security in home network is no easy job
- no tap port? Think ARP cache poisoning
- don’t run it on a production network!
- Put RITA and Bettercap on a Raspberry Pi
- Bettercap is able to do full duplex ARP cache poisoning
- have to enable it in the config
- you can whitelist devices as well
- Re-configure the default gateway to the sniffing device avoids alot of the probs but is harder to do. Using a simple device for ARP cache poisoning is almost plug’n play.
- all you need is one network adapter
Env
- Provided by BHIS
- Presenter: John Strand