Full Disclosure mailing list archives
Re: (no subject)
From: Jeff Blaum <jblaum02 () gmail com>
Date: Thu, 17 Dec 2009 01:50:15 -0800
Wow, is you're site still down Dan? </omfg> "Dan Kaminsky" <dan () doxpara com> wrote:
Easily the best environment for packet manipulation is scapy. The most guaranteed to work approach involves putting a system with two interfaces in as an attacker, and running two scapy processes that copy
frames
received on one interface onto the other one. Of course, your copier
parses
the frames, changes what needs to be changed, fixes up checksums, etc. There are other approaches that are preferable for all sorts of reasons,
but
the above means you don't need to fight with ARP or addresses or firewall rules or the kernel. (Proxy ARP, mangle tables, yadda yadda yadda.)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- (no subject) 김무성 (Dec 16)
- Re: (no subject) Dan Kaminsky (Dec 16)
- <Possible follow-ups>
- Re: (no subject) Jeff Blaum (Dec 17)
- (no subject) mixed ya (Dec 23)