Penetration Testing mailing list archives
Re: Ping a mac address
From: neil () ncsconsulting com
Date: Tue, 6 Dec 2005 10:42:58 -0500
Quoting "Thor (Hammer of God)" <thor () hammerofgod com>:
absence of an "already assigned" IP in the config. I had an extra camera in the closet (bad color element, but it still works). Ipowered it up, added the MAC to an arbitrary IP via static ARP , and captured the traffic while connecting. The reply packet didindeed come *from* the arbitrary IP address during the 3-way and all subsequent HTTP replies. When I went to config it, it already had the arbitrary IP in place. Upon saving the config, I could remove the static entry and get to the unit with normal dynamic resolution.
As a related note, i was working with an IP addressable network print
server a number of years ago that had an interesting option to
configure its IP address: you could setup a static ARP entry in your
laptop then ping the device to assign it an IP address. The device's
MAC was stamped on the back and once it acquired the IP address from
the ping packet it would assign that address and you could connect to
it (from the local network of course) for more detailed configuration.
Also, once the address had been assigned you couldn't assign another
address without resetting it (using a pin to press a tiny hidden
switch).
At time (guessing 8-10 years ago) I thought that was a neat trick but
can't for the life of me remember the name of the device. Could be
your camera also does that my design.
-neil
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: Ping a mac address, (continued)
- Re: Ping a mac address Maxime Ducharme (Dec 05)
- RE: Ping a mac address John Tavares (Dec 03)
- Re: Ping a mac address rob . dijkshoorn (Dec 04)
- Re: Ping a mac address James Eaton-Lee (Dec 07)
- Re: Ping a mac address mccauley () gmx net (Dec 09)
- Re: Ping a mac address Bob Foxworth (Dec 11)
- RE: Ping a mac address Dario Ciccarone (dciccaro) (Dec 04)
- RE: Ping a mac address Dario Ciccarone (dciccaro) (Dec 05)
- RE: Ping a mac address Dario Ciccarone (dciccaro) (Dec 05)
- Re: Ping a mac address Thor (Hammer of God) (Dec 05)
- Re: Ping a mac address neil (Dec 06)
- Re: Ping a mac address Chris Kuethe (Dec 06)
- Re: Ping a mac address Thor (Hammer of God) (Dec 05)