Penetration Testing mailing list archives
Re: Re[4]: cain & abel full routing
From: killy <killfactory () gmail com>
Date: Thu, 15 Jun 2006 11:06:02 -0400
Have your sniffed the traffic from the test host point of view? or from the point of view of the host you are spoofing? Maybe this will confirm it. On 6/14/06, Alex <quick.touch () gmail com> wrote:
yeah, but i think it doesn't work because of the server, it has every mac in the network associated with an ip address (or else you don't have access to internet), so it has some kind of static arp entries... so i'm sending spoofed packets with my mac and test host ip, but, it either sends the packets to the mac/ip it has, or the host doesn't have access to internet. this the only way i can explain... maybe if it weren't for this restriction, i could have used full mitm. Hello Tim, Wednesday, June 14, 2006, 3:07:02 AM, you wrote: T> Probably, but it does depend on the timeout that is set on the system T> that is not accepting the spoofed packets. T> On 6/13/06, Alex <quick.touch () gmail com> wrote: >> i didn't wait too much, 3-4 minutes (or was it enough?) before >> cancelling the attack. >> ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------
Current thread:
- cain & abel full routing Alex (Jun 13)
- Re: cain & abel full routing Tim (Jun 13)
- Re[2]: cain & abel full routing Alex (Jun 13)
- Re: Re[2]: cain & abel full routing Tim (Jun 14)
- Re[4]: cain & abel full routing Alex (Jun 14)
- Re: Re[4]: cain & abel full routing Tim (Jun 14)
- Re: Re[4]: cain & abel full routing killy (Jun 15)
- Re[6]: cain & abel full routing Alex (Jun 15)
- Re[2]: cain & abel full routing Alex (Jun 13)
- RE: Re[2]: cain & abel full routing Paul Melson (Jun 14)
- Re: cain & abel full routing Tim (Jun 13)
- <Possible follow-ups>
- Re[2]: cain & abel full routing Alex (Jun 13)