

Homework 4: Man-on-the-Side Attacks - privong
https://www3.cs.stonybrook.edu/~mikepo/CSE508/hw/hw4.txt

======
acveilleux
It's a lot easier if you can cause the traffic to hijack to take a circuitous
route through the Internet...

[http://www.wired.com/2013/12/bgp-hijacking-belarus-iceland/](http://www.wired.com/2013/12/bgp-hijacking-belarus-iceland/)

or more recently:

[http://research.dyn.com/2015/03/uk-traffic-diverted-ukraine/](http://research.dyn.com/2015/03/uk-traffic-diverted-ukraine/)

------
dtouch3d
I was at first excited about an undergraduate program that would have
homeworks like this, then I saw the PhD tag.

Something like scapy is perfect for this, I'm not sure about the speed though.

~~~
bonyt
I took the undergraduate version of this class (at Stony Brook), the homework
assignments were similar (usually, just the graduate version with a slightly
lower bar to success - I partnered with a grad student so I had to do the
graduate version.)

Our assignments were (1) a toy implementation of RSA, complete with the
ability to generate SSL certificates (so, ASN.1 encoding, etc) using only a
bignum library and (2) implementing a known buffer overflow attack on an old
version of sendmail. ([http://web.nvd.nist.gov/view/vuln/detail?vulnId=CAN-2002-133...](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CAN-2002-1337))

[https://web.archive.org/web/20140106173814/http://www.cs.sto...](https://web.archive.org/web/20140106173814/http://www.cs.stonybrook.edu/~mbaig/courses/cse509ta/project2.html)

------
jaideepsingh
I see the site itself is using obsolete cryptography as per Google Chrome
[http://i.imgur.com/cF0SAmN.jpg](http://i.imgur.com/cF0SAmN.jpg)

Don't know if it's relevant to the submission :)

~~~
dikaiosune
I would wager that the crypto settings are done by some central IT
organization within the school. Experience would suggest that the CS
professors think the sys admins are a bunch of amateurs, and the sys admins
probably think the professors are snobs with no appreciation of cost and
"real-world" applications.

------
charliefg
Ha, that's an interesting idea.

About 2 months ago -- for a presentation about being vigilant with your
smartphone on public APs -- I implemented a toolkit that was essentially a
man-in-the-middle/evil twin -- a single channel BSS analysis tool which
allowed for broadcast and targeted deauth injection along with a probe request
monitor, all in one interface, and a DNS spoofer in the other interface. I
used HostAP for network spoofing. It's the simplest exploit but was _very_
interesting building the demo and the kids enjoyed it!

This is another good little attack piece to shove in!

------
coherentpony
[http://en.wikipedia.org/wiki/Man-on-the-side_attack](http://en.wikipedia.org/wiki/Man-on-the-side_attack)

~~~
userbinator
Comparison of MitM and MotS

    
    
                             Observe    Inject    Delete    Modify
        Man-in-the-middle    X          X         X         X
        Man-on-the-side      X          X
        Packet Sniffing      X
    

I wonder if the other combinations have names too.

~~~
awruef
one wonders what the difference between "delete" and "modify" is...

~~~
gilney
modify = delete + inject?
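
Added example, not part of the thread or of the course assignment: the comparison table above gives a man-on-the-side attacker Observe and Inject but not Delete, so the genuine segment still reaches the client next to the injected one. The detector below flags TCP data that contradicts bytes already seen at the same sequence position; the `Segment` record, the function name and the sample capture are assumptions constructed for illustration.

```python
"""Flag TCP segments whose bytes disagree with data already seen at the same
sequence position: the trace a man-on-the-side injection leaves, because the
genuine segment cannot be deleted and still arrives."""
from collections import defaultdict
from typing import NamedTuple

class Segment(NamedTuple):          # hypothetical record for one captured segment
    src: str
    sport: int
    dst: str
    dport: int
    seq: int
    payload: bytes

def find_conflicts(segments):
    """Return (flow, seq, offset) for each segment that contradicts earlier bytes.

    A benign retransmission repeats identical bytes, so only a content
    mismatch on an overlapping range is reported.
    """
    seen = defaultdict(dict)        # flow -> {sequence position: byte value}
    conflicts = []
    for s in segments:
        flow = (s.src, s.sport, s.dst, s.dport)
        stream = seen[flow]
        mismatch = None
        for i, b in enumerate(s.payload):
            pos = (s.seq + i) % 2**32            # TCP sequence numbers wrap
            if pos in stream:
                if stream[pos] != b and mismatch is None:
                    mismatch = i                 # first disagreeing byte
            else:
                stream[pos] = b
        if mismatch is not None:
            conflicts.append((flow, s.seq, mismatch))
    return conflicts

# Constructed sample capture (documentation addresses, not real traffic).
SERVER = ("192.0.2.10", 80, "198.51.100.7", 40000)
SAMPLE = [
    Segment(*SERVER, 1000, b"HTTP/1.1 302 Found\r\n"),   # arrives first
    Segment(*SERVER, 1000, b"HTTP/1.1 200 OK\r\n"),      # same seq, other bytes
    Segment(*SERVER, 1020, b"Location: /x\r\n"),
    Segment(*SERVER, 1020, b"Location: /x\r\n"),         # plain retransmission
]

if __name__ == "__main__":
    for flow, seq, off in find_conflicts(SAMPLE):
        print(f"conflicting data on {flow} at seq {seq}+{off}")
```

The detector cannot tell which of the two conflicting segments is the genuine one; it only reports that the stream was contradicted.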

