Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Send ARP before spoof

From: "flacman" <flacman () gmail com>
Date: Mon, 5 Nov 2007 09:29:35 -0500
Hi, i've been testing a los nmap IpSpoof function, and some times it doesn't
function. I was wondering why, so I make tests using whireshark. The reason
was that sometimes the router/switch don't have in it's cache the mac
address of the source (the attacker) so it have to send arp packages to see
who was the owner of that ip. In other word's it makes like a blind ipSpoof.
So, I propose to send first some spoofed arp packages first to fill the
router/switch cache first.

 

Flacman

Colombiaunderground.org

Flacman [at] colombiaunderground.org


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: