"Practical examples in the cybersecurity laboratory - UPEC"

Abstract

Currently through the internet there are people who seek to violate systems or applications, for this they use different cyberattacks, several techniques such as Session Hijack, or spoofing attack and tools such as John the Ripper, these are the most used attacks hackers to obtain the session of users connected to the network. This type of attack is carried out through the network, taking advantage of the weaknesses of the system or application, since it is known that sensitive information is transported between sessions, for this purpose, ARP poisoning is used with the Sniffer that allows to capture and visualize all the network traffic, thus obtaining the port and protocol that are being used for the connection. In this document, the practices were carried out in the UPEC Cybersecurity laboratory, this laboratory was implemented as part of the research project “Security and computer service in the Provincial Government of Carchi (Ecuador) and the Municipal Mayors of Pasto, Ipiales and Túquerres (Colombia) ”The practices showed the interception of a session to a user who is connected to the Centos virtual machine using Telnet, which is a protocol that allows access to another machine and to use it remotely from the Windows 7 virtual machine. Kali Linux was used as the attacker and carried out a network scan and applied "poisoning" to then access the connection, thus testing the ease with which session subtraction can be done to users who are connected, so it is He recommended using encryption protocols for the headers so that it is not so easy to access the victim's connection.