Penetration Testing mailing list archives
Re: [PEN-TEST] Arp Spoofing under WinNT 4.0
From: "Brentlinger, Mike (ISS eServices)" <mbrentli () ISS NET>
Date: Wed, 31 Jan 2001 16:55:44 -0500
Yes.... WCI suposedly does this http://www.phenoelit.de/arpoc/index.html or you could use any or the various tools that are for linux on a trinux http://trinux.sourceforge.net/ distribution. I personally run trinux with vmware http://www.vmware.com/ so that I can use my windows 2k laptop and trinux at the same time. best of luck. Mike Brentlinger -----Original Message----- From: Fabio Pietrosanti To: PEN-TEST () SECURITYFOCUS COM Sent: 1/31/01 6:41 AM Subject: Arp Spoofing under WinNT 4.0 Hi, I'm doing a pen test, and i got access to an NT server on which i would like to place a sniffer. I've tried buttsniff and then Dsniff using WinPcap, but i notice that they are on a switched network, so i have two solutions: 1) Flood the switch of random mac address so his table will'be filled and the switch will operate in bride mode 2) do arp spoofing so i could intercept all packet destinated to the host of which traffic i need to sniff. On unix there are many tools, but on WinNT 4.0 with WinPcap there are some tools for "arp spoofing" ? Thanks a lot Best Regards naif naif () sikurezza org
Current thread:
- [PEN-TEST] Arp Spoofing under WinNT 4.0 Fabio Pietrosanti (Jan 31)
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Jose Nazario (Jan 31)
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 m (Jan 31)
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Shoten (Jan 31)
- <Possible follow-ups>
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Brentlinger, Mike (ISS eServices) (Jan 31)
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Jose Nazario (Jan 31)