Penetration Testing mailing list archives
arpspoofing
From: "Erlend J. Leiknes" <nookie () online no>
Date: Tue, 5 Feb 2002 20:00:44 +0100
Im testing a network for clear-text password leakage. (Unencrypted protocols) Since its a switched enviorment I have to arpspoof or macflood. Macflooding had no success, shouldnt the switches be degraded to hubs when their mac-tables get filled? And when I arpspoof using the redirecting data from the gateway to the laptop, pings wont get through, and i sent some clear text on purpose from machines that had gotten their arp table poisoned. Still it seemed like it didnt work too well. The question is: if arp -a (on windows 98) shows: Interface: x.x.x.204 --- 0x2 Internet Address Physical Address Type x.x.x.1 00-10-14-26-60-38 dynamic x.x.x.5 00-50-da-37-93-5b dynamic x.x.x.6 00-50-da-37-93-5b dynamic who will recive the packages. 5, 6 or both? Any other ways to sniff in a switched enviorment? ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- arpspoofing Erlend J. Leiknes (Feb 05)
- <Possible follow-ups>
- Re: arpspoofing gattaca (Feb 05)
- RE: arpspoofing Lee Brotherston (Feb 11)
- RE: arpspoofing Darrin . Wassom (Feb 11)