Re: Arp spoofing & dsniff

From: Daniel Polombo (polombo@cartel-securite.fr)
Date: 05/06/02

Previous message: Michael Thumann: "Re: Arp spoofing & dsniff"
In reply to: Vs Metal: "Arp spoofing & dsniff"
Next in thread: kumar mahadevan: "Re: Arp spoofing & dsniff"
Reply: kumar mahadevan: "Re: Arp spoofing & dsniff"
Reply: Sumit Dhar: "Re: Arp spoofing & dsniff"
Reply: The D: "Re: Arp spoofing & dsniff"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 06 May 2002 12:31:17 +0200
From: Daniel Polombo <polombo@cartel-securite.fr>
To: Vs Metal <vserpoul@isep.fr>

Vs Metal wrote:

> - arpspoof : as soon as i lauch arpspoof, the network is
> almost out of service. I mean i can still ping pcs between
> eachother, but the telnet sessions won't open. ( I ENABLED
> THE IPFORWARDING OPTION ON MY LINUX COMPUTER, and it works
> as the pings go through it ).

There are many ways of using arpspoof. If, for instance, you're trying
to convince everyone on your network that you are their default gateway,
depending on the size of your network, you might not be able to actually
process all the traffic they're sending your way.

An effective way of using arpspoof (I don't doubt there are many other
approaches) would be to target a single box on your LAN (victim), and
convince the gateway (router) that you (attacker) are the victim.
Similarly, you can convince the victim that you are the router, creating
a perfect man-in-the-middle scenario. In this case, you only have one
box's traffic to handle, instead of your whole LAN.

Hope this helps,

Daniel

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Previous message: Michael Thumann: "Re: Arp spoofing & dsniff"
In reply to: Vs Metal: "Arp spoofing & dsniff"
Next in thread: kumar mahadevan: "Re: Arp spoofing & dsniff"
Reply: kumar mahadevan: "Re: Arp spoofing & dsniff"
Reply: Sumit Dhar: "Re: Arp spoofing & dsniff"
Reply: The D: "Re: Arp spoofing & dsniff"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Arp spoofing & dsniff
... I mean i can still ping pcs between ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)
Re: Arp spoofing & dsniff
... > MAC duplicating makes sense if you also operate a DoS on the victim. ... Somehow I have a feeling that the author is wrong when he says that "Mac ... > switch to go back to hub mode. ... This list is provided by the SecurityFocus Security Intelligence Alert ...
(Pen-Test)
Re: Arp spoofing & dsniff
... I mean i can still ping pcs between ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)