1
00:00:00,210 --> 00:00:06,750
If you don't configure your network properly, it's very easy for someone using Kali Linux or another

2
00:00:06,750 --> 00:00:13,830
type of hacking tool to exhaust the IP addresses in a DHCP pool, set up a rogue DHCP server, and then allocate

3
00:00:13,830 --> 00:00:17,320
IP addresses to clients in a incorrect subnet

4
00:00:17,640 --> 00:00:22,980
and what I'm going to show you in this video is how to do that, but also show you how to set up the Kali

5
00:00:23,370 --> 00:00:31,200
Linux host as the default gateway so that traffic from PCs is sent via Kali Linux to the Internet or

6
00:00:31,200 --> 00:00:36,270
to other devices in the network so that we can implement a man-in-the-middle attack.

7
00:00:50,270 --> 00:00:57,200
DHCP, or dynamic host configuration protocol is a fundamental building block in networks today and administrator

8
00:00:57,230 --> 00:01:03,560
which could be you will configure a pool or scope, which is a range of IP addresses that are allocated

9
00:01:03,560 --> 00:01:05,390
to hosts in a specific subnet.

10
00:01:06,110 --> 00:01:12,890
Hosts will send a broadcast typically to request an IP address from a DHCP server, and the DHCP server will

11
00:01:12,890 --> 00:01:14,850
allocate the IP address to the client.

12
00:01:14,990 --> 00:01:17,330
Have a look at this video, which I've linked here below.

13
00:01:17,520 --> 00:01:23,750
If you want to learn more about the fundamentals of DHCP, in that video I'll show you how DHCP is configured,

14
00:01:24,020 --> 00:01:26,360
how IP addresses are allocated to clients.

15
00:01:26,640 --> 00:01:27,410
I'll show you through

16
00:01:27,410 --> 00:01:33,280
Wireshark captures, how messages are sent from a client to server and from a server to a client.

17
00:01:33,650 --> 00:01:35,710
Now, a quick summary of what we are going to do in this video.

18
00:01:35,750 --> 00:01:41,180
We're going to hack DHCP, we're going to exhaust a DHCP pool or DHCP scope.

19
00:01:41,180 --> 00:01:42,560
So that's the first attack.

20
00:01:42,830 --> 00:01:47,900
We're going to set up a rogue DHCP server to allocate IP addresses from the fake subnet, 

21
00:01:47,900 --> 00:01:49,880
second attack, third attack

22
00:01:49,880 --> 00:01:53,270
we're going to set the default gateway of clients to Kali Linux.

23
00:01:53,510 --> 00:01:58,750
So when they get an IP address from the rogue subnet, they're going to see the default gateway as the

24
00:01:59,140 --> 00:01:59,900
Linux host

25
00:02:00,080 --> 00:02:02,810
and that allows us to implement a man-in-the middle attack.

26
00:02:03,020 --> 00:02:07,910
So for text right there, then we'll use Wireshark to sniff passwords on the network.

27
00:02:08,270 --> 00:02:14,600
You need to be careful when you configure your network using protocol such as DHCP, make sure that you

28
00:02:14,600 --> 00:02:17,360
configure your network securely and properly.

29
00:02:17,570 --> 00:02:20,690
Otherwise, it's very easy to hack networks that run DHCP.

30
00:02:21,710 --> 00:02:26,270
Now this is one of multiple videos where I'm showing you how to hack networks using Kali Linux.

31
00:02:26,510 --> 00:02:28,670
I don't just want to show you how to break networks.

32
00:02:28,670 --> 00:02:32,960
I want to show you how to protect networks and I'll show you how to do that in subsequent videos

33
00:02:32,960 --> 00:02:39,050
in this series. In previous videos in the series, I showed you how to hack a physical Cisco switch

34
00:02:39,590 --> 00:02:43,970
but I'm traveling at the moment, so I don't want to carry a whole bunch of equipment around with me.

35
00:02:44,240 --> 00:02:48,830
So what I've done is taken that switch or logically, taken that switch and put it into the cloud.

36
00:02:49,280 --> 00:02:54,740
In this example, I'm using EveNG and I've got a Cisco switch as well as a Cisco router.

37
00:02:54,980 --> 00:02:58,070
I've got a Windows 10 computer and I've got Kali Linux.

38
00:02:58,280 --> 00:03:00,730
These devices are connected to the Internet.

39
00:03:01,250 --> 00:03:03,290
This network is running in the cloud

40
00:03:03,530 --> 00:03:10,400
but you could simulate this network on your laptop using GNS3 or EveNG or Cisco VIRL.

41
00:03:10,760 --> 00:03:14,150
In this example, the switch is running a Cisco VIRL iOS image.

42
00:03:14,480 --> 00:03:17,330
The router is running a Cisco VIRL image as well.

43
00:03:17,720 --> 00:03:21,320
Have a look at my EVE-NG videos or my GNS3 videos, 

44
00:03:21,530 --> 00:03:27,380
if you want to learn more about how to virtualize networks on your laptop or how to virtualize them

45
00:03:27,380 --> 00:03:28,130
in the cloud.

46
00:03:28,950 --> 00:03:30,300
So let's start with the switch

47
00:03:30,330 --> 00:03:32,690
and here's my console to the switch.

48
00:03:33,170 --> 00:03:38,510
Now, in this example, I'm currently in South Africa, so my connection may be a bit slow to the Northern

49
00:03:38,510 --> 00:03:39,050
Hemisphere.

50
00:03:39,380 --> 00:03:41,000
Hopefully it won't affect this lab

51
00:03:41,300 --> 00:03:50,000
but notice I've connected to a switch, show version shows me that this is a Cisco vios layer 2 switch

52
00:03:50,270 --> 00:03:52,310
running version 15.2.

53
00:03:52,790 --> 00:03:56,360
Now, don't worry too much about the details of the switch.

54
00:03:56,360 --> 00:04:00,620
This is a Cisco switch, but any switch could be used in this topology.

55
00:04:01,160 --> 00:04:07,160
I'm also using a Cisco router, but again, you could use any router here if you wanted to.

56
00:04:07,730 --> 00:04:17,660
So this Cisco router, type show version is a Cisco ios V router running version 15.6 1T.

57
00:04:18,529 --> 00:04:24,170
The reason I'm using a router here is I want to set up this router as a DHCP server.

58
00:04:26,310 --> 00:04:33,150
So if I type show run, that shows me the running configuration of this device and what I want to point

59
00:04:33,150 --> 00:04:40,400
out here is I've configured a DHCP pool, a DHCP pool in Cisco terminology is very similar to a scope.

60
00:04:40,800 --> 00:04:44,940
So it's a range of IP addresses that we're going to allocate to clients in our network.

61
00:04:45,570 --> 00:04:50,460
The subnet that's going to be allocated is 10.1.1.0/24.

62
00:04:50,790 --> 00:04:52,890
So /24 mask is being used.

63
00:04:53,230 --> 00:04:55,020
This is the default gateway.

64
00:04:55,230 --> 00:04:57,630
That is the IP address of the router.

65
00:04:57,960 --> 00:05:01,250
I've set the DNS server to Google, scrolling down,

66
00:05:01,470 --> 00:05:04,800
notice this is the IP address of the Cisco router.

67
00:05:05,370 --> 00:05:09,730
At the moment, this device has its interface shut down.

68
00:05:10,170 --> 00:05:14,220
So what I'll do is no shut that.

69
00:05:14,220 --> 00:05:15,860
That basically enables it.

70
00:05:16,140 --> 00:05:19,470
I'll also enable the connection to the Internet.

71
00:05:19,860 --> 00:05:27,810
Going back to my topology this interface on the router connects me to my internal network and this

72
00:05:27,810 --> 00:05:29,730
interface connects me to the Internet.

73
00:05:30,660 --> 00:05:34,020
So I'll type end here, show IP interface brief.

74
00:05:37,140 --> 00:05:43,770
This is the IP address on the internal interface, interfaces up, up, that means that it's working.

75
00:05:44,220 --> 00:05:46,630
This interface is connected to the Internet.

76
00:05:47,520 --> 00:05:48,150
It's using DHCP.

77
00:05:49,260 --> 00:05:55,590
So this router should be able to, as an example, ping Google.com, which it can and I'll save

78
00:05:55,590 --> 00:05:57,210
the configuration of the router.

79
00:05:58,350 --> 00:06:01,600
Now, again, you don't have to use a Cisco switch or a Cisco router.

80
00:06:02,550 --> 00:06:08,790
The reason I want to use the Cisco switch here is Cisco switches support something called DHCP Snooping

81
00:06:09,000 --> 00:06:12,810
which allows me to stop these kinds of attacks in a network.

82
00:06:13,830 --> 00:06:18,210
I haven't configured anything on the switch at the moment, but in subsequent videos, I'll show you

83
00:06:18,210 --> 00:06:19,320
how to stop this attack

84
00:06:19,620 --> 00:06:23,250
but I firstly want to show you what's possible using Kali Linux.

85
00:06:23,580 --> 00:06:25,340
So I'll open up a console to Kali.

86
00:06:26,130 --> 00:06:30,450
I'm not going to get into the debate about the correct way to pronounce Kali.

87
00:06:30,870 --> 00:06:35,190
Different people pronounce it differently, but for the moment, that's the way I'm going to pronounce

88
00:06:35,190 --> 00:06:35,370
it.

89
00:06:36,430 --> 00:06:42,400
OK, so here's my Kali Linux host, let's check if it got an IP address, it may not have got an

90
00:06:42,400 --> 00:06:45,330
IP address because the routers interface was shut down.

91
00:06:45,880 --> 00:06:49,840
I'll use more here rather than simply showing all the output

92
00:06:50,290 --> 00:06:59,230
and what you'll notice is this device has this IP address, 10.1.1.3, show IP DHCP bindings on the

93
00:06:59,920 --> 00:07:00,820
Cisco router.

94
00:07:02,570 --> 00:07:09,520
We can see that this IP address has been allocated to this Mac address, this command show, IP DHCP

95
00:07:09,560 --> 00:07:14,610
binding basically shows us which IP addresses have been allocated to which Mac addresses.

96
00:07:15,110 --> 00:07:22,340
So this is the Mac address that Kali is supposedly using, 50001.0002.

97
00:07:22,550 --> 00:07:24,550
0000 and back

98
00:07:24,560 --> 00:07:29,750
in Kali, we can see that is the Mac address of this Ethernet interface.

99
00:07:30,710 --> 00:07:35,960
Okay, so what I'm going to do now is start Yersenia using a graphical user interface.

100
00:07:36,290 --> 00:07:40,550
In a previous video, which I've linked here, I showed you how to install this on Kali Linux.

101
00:07:40,850 --> 00:07:45,560
I also showed you how to implement or use lyer 2 attacks using Yersenia

102
00:07:45,890 --> 00:07:51,260
but in this example, I'm going to show you how to use this for DHCP attacks and we're told that this is an

103
00:07:51,260 --> 00:07:52,160
alpha version.

104
00:07:52,160 --> 00:07:56,120
That's ok, so I'm going to click OK, and I'm going to go to DHCP.

105
00:07:57,710 --> 00:07:59,270
We can see some options here

106
00:07:59,750 --> 00:08:03,200
but what I want to do is launch a DHCP attack.

107
00:08:03,740 --> 00:08:05,180
So click launch attack

108
00:08:06,330 --> 00:08:14,900
and we are going to send discover packets using Denial-of-service, now before I do that on the router, show

109
00:08:15,120 --> 00:08:16,830
IP DHCP binding.

110
00:08:18,960 --> 00:08:23,490
We only have one IP address allocated to a client.

111
00:08:24,210 --> 00:08:29,460
Now, the reason why the Windows host hasn't got an IP address yet is it's currently off.

112
00:08:29,610 --> 00:08:32,929
I haven't started the Windows host at this point.

113
00:08:33,960 --> 00:08:38,700
So again, show IP DHCP binding on the Cisco router.

114
00:08:39,600 --> 00:08:41,820
Only one IP address has been allocated.

115
00:08:42,600 --> 00:08:48,480
So in Kali, I'm going to click OK to start a discover denial of service attack

116
00:08:49,230 --> 00:08:55,580
and what you'll see is a whole bunch of DHCP messages are being sent into the network.

117
00:08:55,590 --> 00:09:03,840
You can see this packet-count is going up, on the Cisco router show IP DHCP binding.

118
00:09:06,390 --> 00:09:14,490
What you'll notice is a whole bunch of IP addresses have now been allocated, so 10.1.1.1, 10.1

119
00:09:14,490 --> 00:09:18,510
1.2, 3, 4, and it just carries on.

120
00:09:19,170 --> 00:09:26,370
Basically, Kali Linux has exhausted the DHCP pool on the Cisco router

121
00:09:27,450 --> 00:09:33,090
and as I keep scrolling, what you'll notice is all addresses have been taken from this pool.

122
00:09:33,540 --> 00:09:40,170
There are no IP addresses left in this pool show IP, DHCP, Questionmark, pool.

123
00:09:42,610 --> 00:09:43,990
Let's press enter here.

124
00:09:44,740 --> 00:09:49,840
253 addresses have been allocated from the pool, the reason why it's 253

125
00:09:49,840 --> 00:09:56,570
is the router is using IP address 10.1.1.254.

126
00:09:57,190 --> 00:10:01,750
So this IP address shouldn't be allocated to clients because that's the IP address that the router is

127
00:10:01,750 --> 00:10:02,140
using.

128
00:10:03,910 --> 00:10:10,750
So again, show IP, DHCP pool shows us that at this point we've successfully exhausted the DHCP pool

129
00:10:11,050 --> 00:10:12,580
on the DHCP server.

130
00:10:12,820 --> 00:10:18,340
No IP addresses are going to be available for the Windows 10 client when we started up.

131
00:10:18,790 --> 00:10:24,160
So I'll start that up and I'll open up a console to the Windows device.

132
00:10:24,970 --> 00:10:30,490
It'll take a while for this device to boot up, but once it's booted up fully, we'll see that it won't

133
00:10:30,490 --> 00:10:35,770
get an IP address because we've exhausted the IP addresses in the DHCP pool.

134
00:10:36,280 --> 00:10:43,390
Now, warning I will give you is a lot of packets are being sent into the network that can cause all

135
00:10:43,390 --> 00:10:44,110
kinds of issues.

136
00:10:44,110 --> 00:10:47,350
So don't run this in a production network.

137
00:10:47,560 --> 00:10:49,960
Be careful where you're going to run these attacks.

138
00:10:50,750 --> 00:10:54,790
Notice the number of DHCP, discover messages being sent into the network.

139
00:10:55,850 --> 00:11:01,820
OK, so my Windows PC is booted up, I'm going to open up a command prompt and what I'll do is make

140
00:11:01,820 --> 00:11:04,400
this bigger so the font isn't so small.

141
00:11:06,090 --> 00:11:11,700
It's running really slowly here, and that's probably because of the number of broadcasts being sent

142
00:11:11,790 --> 00:11:20,840
to the network, if I type IP config notice, no IP address has been allocated to this Windows PC.

143
00:11:21,120 --> 00:11:29,100
It's using the default 169.254 IP address range IP config slash renew.

144
00:11:32,170 --> 00:11:41,560
This device is not going to get an IP address because we've exhausted the DHCP pool on the DHCP server, but what

145
00:11:41,560 --> 00:11:44,130
we can do now is launch our second attack.

146
00:11:44,500 --> 00:11:46,180
So I'm going to click launch attack

147
00:11:48,550 --> 00:11:52,390
and let's set up a DHCP rogue server.

148
00:11:55,000 --> 00:11:57,710
IP address is going to be 10.1.1.3.

149
00:11:58,150 --> 00:12:00,670
That's the IP address of our Kali Linux server.

150
00:12:01,360 --> 00:12:09,210
I'm going to allocate IP addresses in the range 10.1.1.100 to 10.1.1.150.

151
00:12:09,960 --> 00:12:13,870
I'll set the least time to 3600 secconds.

152
00:12:13,870 --> 00:12:17,080
Same for renew subnet mask will be

153
00:12:17,080 --> 00:12:21,390
this the default router is now going to be Kali.

154
00:12:21,400 --> 00:12:31,960
It's not going to be the actual router in the network DNS server will set as Google and the domain name.

155
00:12:32,260 --> 00:12:34,950
You probably don't want to use something like hacked.com.

156
00:12:35,260 --> 00:12:39,520
Let's just specify home.com and click, OK.

157
00:12:40,420 --> 00:12:47,500
OK, back on the Windows, host type IP config notice we've been given this IP address 10.1.1

158
00:12:47,500 --> 00:12:53,650
100 and notice this default gateway is 10.1.13.

159
00:12:54,220 --> 00:12:58,780
That's really important the actual default gateway is 10.1.1.254.

160
00:12:58,780 --> 00:13:04,090
Kali Linux is using IP address 10.1.1.3.

161
00:13:04,930 --> 00:13:16,360
So IF Config more shows us that this is the IP address of the Kali Linux host, so the Windows computer

162
00:13:16,360 --> 00:13:19,210
is using Kali as its default gateway.

163
00:13:19,780 --> 00:13:25,030
That's important because when the Windows host sends traffic to the Internet, that traffic is going

164
00:13:25,030 --> 00:13:29,740
to go via Kali to this router, onto the Internet.

165
00:13:31,710 --> 00:13:37,110
So as an example, the router has this loopback interface configured on it of 1.1.1

166
00:13:37,110 --> 00:13:42,990
.1 that's essentially a loopback or imaginary interface on the router that allows us to add a

167
00:13:42,990 --> 00:13:50,880
subnet to the router. The PC at the moment, won't be able to ping that loopback address because the

168
00:13:50,880 --> 00:13:53,700
traffic is going through the network to Kali

169
00:13:53,700 --> 00:13:56,810
but Kali is not forwarding that traffic to the router.

170
00:13:57,330 --> 00:14:02,070
We need to type a command on the Kli Linux host to forward the traffic.

171
00:14:02,580 --> 00:14:05,100
So, again, notice the pings are failing.

172
00:14:06,090 --> 00:14:09,590
So in Kali,  we going to type sysctl

173
00:14:12,140 --> 00:14:21,000
-w. net ipv4 IP_forward=one.

174
00:14:22,490 --> 00:14:27,280
Basically, we're going to allow the Linux host to forward traffic that's sent to it.

175
00:14:27,920 --> 00:14:33,380
So on the Windows PC ping, 1.1.1.1 now works.

176
00:14:33,380 --> 00:14:43,550
That traffic is going via the Kali Linux server and we can see that by going to applications, sniffing

177
00:14:43,550 --> 00:14:44,300
and spoofing, 

178
00:14:45,950 --> 00:14:46,910
wireshark.

179
00:14:48,790 --> 00:14:52,760
So Wireshark will allow us to see the traffic being sent on the network.

180
00:14:53,500 --> 00:15:00,100
I'm going to capture traffic on Ethernet 0 and I'll filter this for ICMP traffic.

181
00:15:01,880 --> 00:15:08,690
So back on the Windows PC, if I ping 1.1.1.1, we can see that traffic

182
00:15:09,530 --> 00:15:12,950
from the PC to the router.

183
00:15:13,430 --> 00:15:20,330
We see a bunch of ICMP redirects, but essentially the traffic is being sent through Kali to the router.

184
00:15:20,510 --> 00:15:24,470
We only see half the conversation, but we can see the pings

185
00:15:25,250 --> 00:15:26,630
and this is the important piece.

186
00:15:27,500 --> 00:15:35,120
Let's assume the administrator of the router did something very stupid and allowed Telnet connections.

187
00:15:35,690 --> 00:15:42,860
So on the Windows PC, I'm going to telnet to the router to administer the router, we should actually

188
00:15:42,860 --> 00:15:44,030
be using SSH.

189
00:15:46,210 --> 00:15:48,400
So before I click, OK.

190
00:15:49,420 --> 00:15:53,350
Let's filt for Telnet in Wireshark

191
00:15:54,630 --> 00:15:57,330
and I'll click open in PuTTy.

192
00:15:58,720 --> 00:16:03,130
Now, that font is very small, but I'll enter the password and log in.

193
00:16:12,410 --> 00:16:18,830
So I've changed the font now, basically the router prompted for a password, which I entered and I'm

194
00:16:18,830 --> 00:16:23,930
now in what's called user mode type enable, enter my password, and I'm in privileged mode.

195
00:16:24,860 --> 00:16:33,350
But noticing Kali, now, I can see Telnet information, including the password, here's the password C

196
00:16:33,500 --> 00:16:34,130
i

197
00:16:34,700 --> 00:16:38,140
s c o, Cisco.

198
00:16:38,510 --> 00:16:40,370
Now, that's not such an easy way to view it

199
00:16:40,370 --> 00:16:40,850
so I'm going to

200
00:16:40,850 --> 00:16:41,180
right

201
00:16:41,180 --> 00:16:45,080
click on a packet and click follow TCP stream

202
00:16:46,650 --> 00:16:53,340
and what you'll notice there, there's the first password I typed enable there's the second password,

203
00:16:53,340 --> 00:16:54,090
which is Cisco.

204
00:16:54,610 --> 00:17:00,810
So I was able to see the password that was transmitted from the Windows host to the router because the

205
00:17:00,810 --> 00:17:04,440
traffic is being sent through the Kali Linux host to the router.

206
00:17:05,579 --> 00:17:11,250
So that is an example of a man in the middle attack, now on the PC

207
00:17:12,530 --> 00:17:13,880
I'll open up a Web browser

208
00:17:16,109 --> 00:17:18,450
and what I'll do in Kali

209
00:17:20,050 --> 00:17:21,730
is specify HTTP.

210
00:17:23,619 --> 00:17:25,460
So let's look at HTTP traffic.

211
00:17:26,230 --> 00:17:35,170
You should be using HTTPS, most websites use HTTPS, but again, if I connect to the router and put

212
00:17:35,170 --> 00:17:40,750
in my username and password using HTTP and sign in.

213
00:17:42,070 --> 00:17:48,910
I can log into the router and I'll be able to view information on the router, such as monitor the

214
00:17:48,910 --> 00:17:51,970
router by using command on the router.

215
00:17:52,960 --> 00:18:01,030
So I could type show IP interface brief as an example and execute that command on the router using HTTP

216
00:18:02,260 --> 00:18:10,540
But back in Cali, you'll notice I'll be able to see all the traffic from the PC to the router.

217
00:18:15,190 --> 00:18:20,770
And one of the things I want to point out here is notice authorization there, all of the credentials,

218
00:18:20,770 --> 00:18:25,210
username and password used to log into the Cisco router.

219
00:18:26,080 --> 00:18:31,000
Again, that's a man in the middle of tech, the PC sending the traffic to its default gateway, which

220
00:18:31,000 --> 00:18:34,050
is the Kali Linux host, which is sending it to the router

221
00:18:35,230 --> 00:18:36,820
but we could connect to the Internet.

222
00:18:36,820 --> 00:18:39,870
So on the Windows PC, I'll open up another tab.

223
00:18:40,540 --> 00:18:43,400
Most websites are now using encryption.

224
00:18:44,590 --> 00:18:50,200
One of them that's not which is really bad is Oxford University, oxacuk.

225
00:18:50,800 --> 00:18:57,410
That website is using HTTP not HTTPS notice it says not secure in the output here.

226
00:18:57,450 --> 00:18:58,960
Very bad.

227
00:19:02,750 --> 00:19:04,880
Your connection to the site is not secure.

228
00:19:04,910 --> 00:19:05,690
We've been told.

229
00:19:06,610 --> 00:19:13,210
So back in, Kali, we can see traffic sent from the Windows 10.1.1.100 to 129

230
00:19:13,220 --> 00:19:21,880
67. 242. 154 which is the Oxford University website now, at least here

231
00:19:22,360 --> 00:19:26,770
on their website when you try and log in.

232
00:19:28,230 --> 00:19:35,160
So go to Oxford students as an example, they are now using encryption, so only part of their website

233
00:19:35,160 --> 00:19:38,060
is in clear text we should be using HTTPS today

234
00:19:38,400 --> 00:19:46,080
but the point is, I can see part of their website through Kali Linux by using this man in the middle

235
00:19:46,080 --> 00:19:46,530
attack. 

236
00:19:48,300 --> 00:19:55,850
You should always make sure that your traffic is encrypted and that you're using a valid certificate. a

237
00:19:56,370 --> 00:20:01,950
So it's really important that you verify that the certificate is a good certificate that it's been

238
00:20:01,950 --> 00:20:06,270
issued correctly, that it's not a rogue certificate.

239
00:20:07,620 --> 00:20:13,130
So make sure that your traffic is encrypted, especially if you're using wireless hotspots or open networks,

240
00:20:13,440 --> 00:20:19,410
make sure that the certificate is valid because the traffic could be going through a device such as

241
00:20:19,410 --> 00:20:20,130
Kelly Linux.

242
00:20:20,610 --> 00:20:22,660
Don't just connect to any network.

243
00:20:22,680 --> 00:20:25,140
Make sure that networks that you connect to are good.

244
00:20:25,470 --> 00:20:31,380
Make sure that you use a VPN or some kind of encryption mechanism so that your traffic is not sent in

245
00:20:31,380 --> 00:20:32,070
clear text.