Security Basics mailing list archives

Re: Blocking Access to Non-domain computers

From: andreas () inferno nadir org
Date: Wed, 1 Sep 2004 10:33:45 +0200

Hello,

On Tuesday 31 August 2004 17:57, Thomas TS wrote:

On Sun, 2004-08-29 at 19:51 +0100, Barrie Dempster wrote:

Your only option for restricting DHCP access is to use MAC address
filtering (which is trival to bypass) although if you combine this
with IPSEC,


So, now I am "just curious" about how to lie a MAC to get thought a MAC
access list barrier...

Could you give a proof-of-concept description on this matter ?


Sure. Sniff the wire for a valid MAC. On linux, you may simply 
execute the command 'ifconfig hw ether <MAC addr>' 
to "spoof" your MAC address. 
On Windows you need to write (imho) a simple C script to achive the same.

regards,
Andreas


---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

Current thread:

RE: Blocking Access to Non-domain computers Thomas TS (Aug 31)
- Re: Blocking Access to Non-domain computers Ansgar -59cobalt- Wiechers (Sep 02)
- Re: Blocking Access to Non-domain computers andreas (Sep 02)
- <Possible follow-ups>
- RE: Blocking Access to Non-domain computers Andrew Shore (Sep 02)
- Re: Blocking Access to Non-domain computers Faleh Daoud Abdel Monem (Sep 08)