Brian / Adrian, You might want to look into XArp 2. There is a free beta version. We almost included it in a class I help put together, but we ran out of time/space. The full version is $31.
http://www.chrismc.de/ Cheers, Steve On Tue, Jun 2, 2009 at 9:34 PM, Brian H <[email protected]> wrote: > [REPOST APOLOGY]: Sorry if this is a repost, I never saw my original > message hit the list, so I'm trying again. > > I just finished watching Adrian's "Hacker Con WiFi Hijinx Video: > Protecting Yourself On Potentially Hostile Networks " which was fun, > and I was happily surprised to see he had started development of an > user end IPS "DecaffeinatID". It reminded me of the "Hot Spot > Defense Kit" from the Shmoo group. Ever since I saw it during a > Defcon presentation, I loved it and I thought it should pretty much be > a standard install with any wireless workstation. Sadly no > development seems to have gone past that proof of concept. It was > useful for Tiger installs, but nothing since. > > With the advent of so many MiTM tools out there, it seems that there > are so few defensive ones. I'm not a programmer, but it just seems so > surprising that more of these haven't been developed. I realize that > ARP is only one attack vector, and that DNS and DHCP spoofing can also > be employed, but this just seems to be the easy, low hanging fruit > that hasn't been picked off yet. > > One's I know of: > > - Windows - decaffeinatid - beta development - promising outlook > - Macintosh - Hot Spot Defense Kit (HSDK) - no development - Broken in > Leopard (10.5) > - Macintosh - ArpSpyX - current development? - just found it, have yet > to test > - Linux - Arpwatch - current development - basic command line, not > widget/desktop friendly > > What are your experiences on host based protection from MiTM attacks? > > Also, speaking of hostile networks, how many people are heading to > Defcon17? Any possibilities for a meet up? > > ---- > Brian H > [email protected] > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
