Re: info on ip spoofing please

["Ian stuart Turnbull" <ian.t7 () hotmail co uk>]

DNS cache poisoning ?? - Hmm! I'd like to hear more on this. Would you 
please elaborate for me.
Thanks.
Ian t


> From: "Brian Eaton" <eaton.lists () gmail com>
> To: "Full Disclosure" <full-disclosure () lists grok org uk>
> Subject: Re: [Full-disclosure] info on ip spoofing please
> Date: Tue, 11 Apr 2006 16:31:26 -0400
> MIME-Version: 1.0
> Received: from lists.grok.org.uk ([195.184.125.51]) by 
> bay0-pamc1-f13.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 
> 11 Apr 2006 13:32:35 -0700
> Received: from lists.grok.org.uk (localhost [127.0.0.1])by 
> lists.grok.org.uk (Postfix) with ESMTP id 64AF66A4;Tue, 11 Apr 2006 
> 21:31:50 +0100 (BST)
> Received: from uproxy.gmail.com (uproxy.gmail.com [66.249.92.172])by 
> lists.grok.org.uk (Postfix) with ESMTP id 0F48B362for 
> <full-disclosure () lists grok org uk>;Tue, 11 Apr 2006 21:31:26 +0100 (BST)
> Received: by uproxy.gmail.com with SMTP id m3so837107ugcfor 
> <full-disclosure () lists grok org uk>;Tue, 11 Apr 2006 13:31:26 -0700 (PDT)
> Received: by 10.78.17.4 with SMTP id 4mr193068huq;Tue, 11 Apr 2006 13:31:26 
> -0700 (PDT)
> Received: by 10.78.24.11 with HTTP; Tue, 11 Apr 2006 13:31:26 -0700 (PDT)
> X-Message-Info: JGTYoYF78jG7jILEeCsdT2hBmxQ+cyZzs3iEPQ9BL1A=
> X-Original-To: full-disclosure () lists grok org uk
> Delivered-To: full-disclosure () lists grok org uk
> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; 
> d=gmail.com;h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;b=jLxxCF2Ny+g2QvgDx3cNLXfkbYACVEfFdAKlEcSUUVSOJc1H6n+U5FMGYjaF6j53wpeBPV1k2Nsi1n0VEIas8wOGK7PkF2Ln9kbuj8igND3BF7wyw/w8MhE7jVCldcpr3P00hsJ7z0w18+15fd+bhtUxoYC2BTSutt3ypxyOd44=
> References: 
> <BAY112-F8AAC63A6AF32C102B39D099CD0 () phx gbl><443C0973.4090702 () csuohio edu>
> X-BeenThere: full-disclosure () lists grok org uk
> X-Mailman-Version: 2.1.5
> Precedence: list
> List-Id: An unmoderated mailing list for the discussion of security 
> issues<full-disclosure.lists.grok.org.uk>
> List-Unsubscribe: 
> <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, 
> <mailto:full-disclosure-request () lists grok org uk?subject=unsubscribe>
> List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure>
> List-Post: <mailto:full-disclosure () lists grok org uk>
> List-Help: <mailto:full-disclosure-request () lists grok org uk?subject=help>
> List-Subscribe: 
> <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, 
> <mailto:full-disclosure-request () lists grok org uk?subject=subscribe>
> Errors-To: full-disclosure-bounces () lists grok org uk
> Return-Path: full-disclosure-bounces () lists grok org uk
> X-OriginalArrivalTime: 11 Apr 2006 20:32:35.0566 (UTC) 
> FILETIME=[112C10E0:01C65DA7]
>
> On 4/11/06, Michael Holstein <michael.holstein () csuohio edu> wrote:
> > You can't (passively anyway) sniff packets from a host in another VLAN
> > without some special trickery.
>
> I'd love to hear some examples of this having been done, actively or 
> passively.
>
> The only avenue for an active attack that occurs to me is DNS cache
> poisoning.  I'm sure there are others.
>
> Regards,
> Brian
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_________________________________________________________________
Are you using the latest version of MSN Messenger? Download MSN Messenger 
7.5 today! http://join.msn.com/messenger/overview

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/