Re: Spoofed IP address

["Al Bam" <aladin168 () hotmail com>]

How about this,
After you got control of 2 computers, Use tool like SMAC - 
http://www.klcconsulting.net/smac - to just spoof the MAC Address, and also 
the IP of the server, or the client...

For controls, maybe use managed switches and Network Management software 
like HP Openview to control each physical port, both MAC Address and IP?  
Also, add 2-way mutual authentication between 2 systems would add additional 
security, i.e. kerberos.  All this will give you a lot more secure network, 
but nothing can guarantee 100% security as you might have guessed.

Obviously, do some cost benefit analysis first, or you might go overboard 
with your solutions.
...

Just my 2 cents


> From: "crazy frog crazy frog" <i.m.crazy.frog () gmail com>
> To: "xun dong" <xundong () cs york ac uk>
> CC: pen-test () securityfocus com
> Subject: Re: Spoofed IP address
> Date: Sat, 23 Sep 2006 20:41:21 +0530
>
> Hi,
> In some common MITM the attacker spoofs it original mac address like
> in ARP poisioning.But changing ip is not that easy.
> _CF
> www.secgeeks.com
>
>
> On 9/22/06, xun dong <xundong () cs york ac uk> wrote:
> > Thanks everyone who read and answer my question.
> >
> > Given a scenario as below:
> >
> > When someone wants to launch a man-in-the-middle attack on the
> > communication between the client and server. In order to make it more
> > transparent(hard to discover) can the attacker pretended to has the same
> > IP address as the server(when handling the communication with client
> > end) while pretending to has the same IP address as the client(when
> > handling the communication with server end). If it is possible, can you
> > tell me your solutions.
> >
> > This is not used to generate real attacks, it is just a concern I come
> > cross when designing a communication system.
> >
> > Thanks a lot.
> >
> > Xun Dong
> >
> > ------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Need to secure your web apps?
> > Cenzic Hailstorm finds vulnerabilities fast.
> > Click the link to buy it, try it or download Hailstorm for FREE.
> > http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> > ------------------------------------------------------------------------
>
>
> --
> ting ding ting ding ting ding
> ting ding ting ding ding
> i m crazy frog :)
> "oh yeah oh yeah...
> another wannabe, in hackerland!!!"
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------

_________________________________________________________________
Search—Your way, your world, right now!  
http://imagine-windowslive.com/minisites/searchlaunch/?locale=en-us&FORM=WLMTAG


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------