Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Arp spoofing & dsniff

From: Daniel Polombo <polombo () cartel-securite fr>
Date: Mon, 06 May 2002 12:31:17 +0200
Vs Metal wrote:
- arpspoof : as soon as i lauch arpspoof, the network is almost out of service. I mean i can still ping pcs between eachother, but the telnet sessions won't open. ( I ENABLED THE IPFORWARDING OPTION ON MY LINUX COMPUTER, and it works as the pings go through it ).
There are many ways of using arpspoof. If, for instance, you're trying to convince everyone on your network that you are their default gateway, depending on the size of your network, you might not be able to actually process all the traffic they're sending your way.
An effective way of using arpspoof (I don't doubt there are many other approaches) would be to target a single box on your LAN (victim), and convince the gateway (router) that you (attacker) are the victim. Similarly, you can convince the victim that you are the router, creating a perfect man-in-the-middle scenario. In this case, you only have one box's traffic to handle, instead of your whole LAN. 

Hope this helps,

  Daniel


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: