Re: Arp spoffing question

[Arjuna Scagnetto <arjuna () ts infn it>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> I need to demonstrate Arp spoffing to my manager.
> lets say that i have in the lab a pc names pc A a
> Gateway and my pc-which is pc J.
> I want that all the traffic from pc A and the Gateway
> and vise versa will pass throw pc J. do I need to
> connect PC J with two nic cards to the main switch or
> with just one, as far as I understand I need to
> connect it with 2 nics,am I wrong?

You can use only one ethernet card, try "ettercap" is a simple but
powerfull program to do this kind of job.

arpspoofing miniminiminihowto

PC J has jj:jj:jj:jj:jJ:JJ mac address for simplicity  jj::
PC A has aa:aa:aa:aa:aa:aa mac address  for simplicity aa::
GW has gw:gw:gw:gw:gw:gw mac address for simplicity    gw::

PC J tells to GW "this is my mac address aa::"
PC tells to PC a "this is my mac address gw::"

this kind of messages are allowed since there's the security hole in the
arp protocol it self.

look for ettercap with google you'll find many many interesting web sites.

Arjuna
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFFyfRF7hNGJisFPxQRAgxBAKDWgCI62He7Ek0j3M0ui19xluzB0gCggbUE
W1wOIreVNZKSyIf+N9os71o=
=/LlN
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.