Vulnerability Development mailing list archives
Re: spoofing the ethernet address
From: mudge () L0PHT COM (Mudge)
Date: Wed, 1 Mar 2000 12:56:16 -0500
DLPI and /dev/nit will allow you to write the raw ether frame. As will linux raw sockets. On BSD style systems the driver itself will often place the legitimate ether address back in to the frame before sending the packet. Even if you have handed in data expecting otherwise. You will need to make a one or two line code change to the driver and recompile it into the kernel if you want to change the outgoing ether address. This is what we had to do for AntiSniff on OpenBSD. cheers, .mudge On Tue, 29 Feb 2000, Bobby, Paul wrote:
Been playing with hping, and I imagine other IP spoofing tools generate the same types of packets. The spoofed packet contains a bogus IP address, yes. However the ethernet address (MAC) is the address of the sending machine. Is it possible to spoof this address also? Would someone have to write a custom ethernet driver? Paul Bobby ----------------- <dream> Got Root? </dream>
Current thread:
- Re: spoofing the ethernet address Sen_Ml Sen_Ml (Mar 01)
- Re: spoofing the ethernet address yeti (Mar 02)
- <Possible follow-ups>
- Re: spoofing the ethernet address Mikael Olsson (Mar 01)
- Re: spoofing the ethernet address Carl-Johan Bostorp (Mar 01)
- Re: spoofing the ethernet address Simple Nomad (Mar 01)
- Re: spoofing the ethernet address Vitek, Ian (Mar 01)
- Re: spoofing the ethernet address Granquist, Lamont (Mar 01)
- Re: spoofing the ethernet address Mudge (Mar 01)
- Re: spoofing the ethernet address Dug Song (Mar 02)
- Re: spoofing the ethernet address Ben Grubin (Mar 01)
- Re: spoofing the ethernet address -DAL- (Mar 01)
- Re: spoofing the ethernet address Iván Arce (Mar 01)
- Re: spoofing the ethernet address hypoclear - lUSt - (Linux Users Strike Today) (Mar 01)
- Re: spoofing the ethernet address The I (Mar 01)
- [Fwd: spoofing the ethernet address] Fredrik Widlund (Mar 02)
- spoofing the ethernet address (PPPoE) mike (Mar 02)
- Re: spoofing the ethernet address John Hall (Mar 01)
- Re: spoofing the ethernet address Jim Duncan (Mar 02)
(Thread continues...)