Penetration Testing mailing list archives
Re: Ping a mac address
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Sun, 4 Dec 2005 10:39:06 -0800
That's why I was asking "why?" It depends on what he's ultimately going to do and what the host is... All packets are not automatically dropped if the IP doesn't match the bound IP -- that's what the MAC is for in the first place. For instance, I have a few IP cameras around my infrastructure... If I add a static ARP entry for the MAC to some arbitrary IP (that's still on my subnet) I can use that arbitrary IP to access the unit's HTTP configuration... works just fine.
t ----- "And yet, even if one person finds his way... that means there is a Way. Even if I personally fail to reach it." Mr. Nobusuke Tagomi Top Place, Ranking Imperial Trade Mission Pacific States of America----- Original Message ----- From: "Cedric Blancher" <blancher () cartel-securite fr>
To: "Thor (Hammer of God)" <thor () hammerofgod com> Cc: "Roni Bachar" <roni () avnet co il>; <pen-test () securityfocus com> Sent: Sunday, December 04, 2005 10:18 AM Subject: Re: Ping a mac address Le dimanche 04 décembre 2005 à 01:58 -0800, Thor (Hammer of God) a écrit :
Given that, if the host *is* on the same subnet, and you want to reach it, it doesn't really matter what IP address is bound to the adapter-- you can just add a static ARP entry on the local system to assign the MAC to whatever "in-network" IP you want, whether it's the "real" IP or not...
Maybe I misunderstand your point, but as you will be indeed be able to send that host an ethernet frame knowing its MAC address, you may want to have it processed at upper layers, if you need to coomunicate with that host for instance. As it will drop any packet that is not destined to its very own IP address (or one of its, if multiple), you definitly need to know it for this kind of purpose. -- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
Hi! I'm your friendly neighbourhood signature virus. Copy me to your signature file and help me spread!
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Ping a mac address Roni Bachar (Dec 01)
- Re: Ping a mac address jgervacio (Dec 01)
- Re: Ping a mac address Doug Fox (Dec 11)
- Re: Ping a mac address Thierry Zoller (Dec 02)
- Re: Ping a mac address veille (Dec 02)
- Re: Ping a mac address Marcos Pitanga (Dec 02)
- Ping a mac address Roni Bachar (Dec 04)
- Re: Ping a mac address nosy (Dec 04)
- Re: Ping a mac address Thor (Hammer of God) (Dec 04)
- Re: Ping a mac address Cedric Blancher (Dec 04)
- Re: Ping a mac address Thor (Hammer of God) (Dec 04)
- Re: Ping a mac address Cedric Blancher (Dec 04)
- Re: Ping a mac address Thor (Hammer of God) (Dec 04)
- Re: Ping a mac address Cedric Blancher (Dec 04)
- Re: Ping a mac address Mohamadi ZONGO (Dec 05)
- Ping a mac address Roni Bachar (Dec 04)
- RE: Ping a mac address Roni Bachar (Dec 05)
- RE: Ping a mac address Barrie Dempster (Dec 06)
- Re: Ping a mac address Joachim Schipper (Dec 06)
- Re: Ping a mac address Brian Loe (Dec 06)
- Re: Ping a mac address Joachim Schipper (Dec 07)
- Re: Ping a mac address Samuel R. Baskinger (Dec 08)
- Re: Ping a mac address jgervacio (Dec 01)