Re: Arp spoofing & dsniff
From: kumar mahadevan (kumar_mahadevan_6@yahoo.ca)Date: 05/06/02
- Previous message: Daniel Polombo: "Re: Arp spoofing & dsniff"
- In reply to: Daniel Polombo: "Re: Arp spoofing & dsniff"
- Next in thread: Ryan Russell: "Re: Arp spoofing & dsniff"
- Next in thread: Sumit Dhar: "Re: Arp spoofing & dsniff"
- Reply: Ryan Russell: "Re: Arp spoofing & dsniff"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 6 May 2002 11:37:03 -0400 (EDT) From: kumar mahadevan <kumar_mahadevan_6@yahoo.ca> To: Daniel Polombo <polombo@cartel-securite.fr>, Vs Metal <vserpoul@isep.fr>
on that same note since the discussion is about MAC
spoofing.
I have a basic question and need some help in this
regard;
If I am on a Switched network and I change my MAC
address on my RH 7 box to the victim's (using
IFCONFIG). Now, how do I capture say for e.g Telnet
sessions between the victim and a server running
telnet service.
I don't want to ARP cache poison nor MAC flood the
switch.
of course TCPDUMP host victim's IP address only gives
me NBT queries sent. I'd like to see layer 7
traffic
thanks !
kumar.
--- Daniel Polombo <polombo@cartel-securite.fr> wrote:
> Vs Metal wrote:
>
> > - arpspoof : as soon as i lauch arpspoof, the
> network is
> > almost out of service. I mean i can still ping pcs
> between
> > eachother, but the telnet sessions won't open. ( I
> ENABLED
> > THE IPFORWARDING OPTION ON MY LINUX COMPUTER, and
> it works
> > as the pings go through it ).
>
> There are many ways of using arpspoof. If, for
> instance, you're trying
> to convince everyone on your network that you are
> their default gateway,
> depending on the size of your network, you might not
> be able to actually
> process all the traffic they're sending your way.
>
> An effective way of using arpspoof (I don't doubt
> there are many other
> approaches) would be to target a single box on your
> LAN (victim), and
> convince the gateway (router) that you (attacker)
> are the victim.
> Similarly, you can convince the victim that you are
> the router, creating
> a perfect man-in-the-middle scenario. In this case,
> you only have one
> box's traffic to handle, instead of your whole LAN.
>
> Hope this helps,
>
> Daniel
>
>
>
----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security
> Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA
> service which
> automatically alerts you to the latest security
> vulnerabilities please see:
> https://alerts.securityfocus.com/
>
>
>
______________________________________________________________________
Games, Movies, Music & Sports! http://entertainment.yahoo.ca
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Daniel Polombo: "Re: Arp spoofing & dsniff"
- In reply to: Daniel Polombo: "Re: Arp spoofing & dsniff"
- Next in thread: Ryan Russell: "Re: Arp spoofing & dsniff"
- Next in thread: Sumit Dhar: "Re: Arp spoofing & dsniff"
- Reply: Ryan Russell: "Re: Arp spoofing & dsniff"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
