Would you like to learn how tap into a network?
Do you want to learn how to capture people’s passwords or hear their phone conversations?
There are many learning opportunities at DEF CON, especially at the Wall of Sheep. If you want to learn how to tap into a network, capture people's passwords, want to contribute to the Wall of Sheep, play Packet Detective, or play Capture The Packet, it is important that you come prepared with a computer with tools already installed! You do not want to be downloading tools and software at the conference as the DEF CON network is arguably the world's most hostile network.
A computer with wired or wireless networking is required. Any platform is acceptable (e.g., Mac OS X, Windows, Linux, Android). Administrative access on the computer is required!
Here is a list of tools that are frequently used at the Wall of Sheep and thus you should install most of them on your computer:
- Wireshark (http://www.wireshark.org/)
- Ettercap (http://ettercap.github.io/ettercap/)
- tcpdump (http://www.tcpdump.org/)
- WinDump (http://www.winpcap.org/windump/) --Windows only
- ngrep (http://ngrep.sourceforge.net/)
- NetworkMiner (http://www.netresec.com/?page=NetworkMiner)
- Xplico (http://www.xplico.org/)
- Cain & Abel (http://www.oxid.it/cain.html) -- Windows only
You can also choose a Linux distro live-CD aimed at penetration testing such as Kali Linux (https://www.kali.org/) to get up-and-running quickly as it has almost all the above tools installed already.
Step 1: Configure Your Machine
You will need to set your computer to allow it to capture ALL the traffic on the network, not just information sent specifically for that machine. An example of this would be to set your network adapter to promiscuous mode.
Helpful videos can be found under Tools and Training of our website.
Step 2: Be the Detective
The steps, repeat:
- Monitor the traffic
- Save the captures
- Analyze the data
Once you have your machine configure and some of the tools installed, you can practice and hone your skills at the Wall of Sheep. The Wall of Sheep will supply you with a live feed of the DEF CON wireless network so you can capture packets and analyze the data.
Be sure to test your Packet Detective skills at the Packet Detective tables by experiencing the same type of challenges that are used in Capture The Packet.
There is bit more than installing the tools, configuring your machine, and the repetitive steps: you also need to understand the network you will be investigating. That is:
- Are you going to tap into and sniff a wired network or a wireless network?
- Does the network use a hub or a switch?