Vulnerability Development mailing list archives
Ethernet ( MAC ) Address Reliability
From: "William N. Zanatta" <william () veritel com br>
Date: Mon, 8 Sep 2003 11:17:00 -0300 (BRT)
Hey guys, I'm currently studying 'sadoor' ( see links at the foot ), a tool built over a proof-of-concept on monitoring interfaces instead of opening ports. The concept behind the tool consists ( roughly ) on monitoring the interface, waiting for a sequence of ip/tcp/udp key packets ( configurable ) and a command packet which runs a command at the host. The first article ( below ) introduces the tool and the hopotesis of using it as a remote system administration tool. Of course there are many security risks involved when doing it but I believe that a well planned system may work with a fine security level ( just focusing on this tool ). But there's one thing which worries me, the ethernet addresses. This is the point where I want to hear from you, and the question is, how much reliable are these addresses? I know they're spoofable and thus it may bring problems with this kind of software. Anyway I'm still making some research on this ( I'm not a network authority ;] ) but I would really like to hear from you. Thank you all, -- References: 1. A Practical Approach of Stealthy Remote Administration http://www.linuxsecurity.com/feature_stories/feature_story-149.html 2. SAdoor's Home Page http://cmn.listprojects.darklab.org -- William PS: Sorry for my messy english.
Current thread:
- Ethernet ( MAC ) Address Reliability William N. Zanatta (Sep 08)
- RE: Ethernet ( MAC ) Address Reliability Burton M. Strauss III (Sep 09)
- Re: Ethernet ( MAC ) Address Reliability Steve Ryan (Sep 11)
- RE: Ethernet ( MAC ) Address Reliability Seva Batkin (Sep 11)
- Re: Ethernet ( MAC ) Address Reliability PLANZ (Sep 11)
- Re: Ethernet ( MAC ) Address Reliability Oleg K . Artemjev (Sep 16)
- RE: Ethernet ( MAC ) Address Reliability Burton M. Strauss III (Sep 09)