Penetration Testing mailing list archives
Re: Arp spoofing & dsniff
From: kumar mahadevan <kumar_mahadevan_6 () yahoo ca>
Date: Mon, 6 May 2002 11:37:03 -0400 (EDT)
on that same note since the discussion is about MAC spoofing. I have a basic question and need some help in this regard; If I am on a Switched network and I change my MAC address on my RH 7 box to the victim's (using IFCONFIG). Now, how do I capture say for e.g Telnet sessions between the victim and a server running telnet service. I don't want to ARP cache poison nor MAC flood the switch. of course TCPDUMP host victim's IP address only gives me NBT queries sent. I'd like to see layer 7 traffic thanks ! kumar. --- Daniel Polombo <polombo () cartel-securite fr> wrote:
Vs Metal wrote:- arpspoof : as soon as i lauch arpspoof, thenetwork isalmost out of service. I mean i can still ping pcsbetweeneachother, but the telnet sessions won't open. ( IENABLEDTHE IPFORWARDING OPTION ON MY LINUX COMPUTER, andit worksas the pings go through it ).There are many ways of using arpspoof. If, for instance, you're trying to convince everyone on your network that you are their default gateway, depending on the size of your network, you might not be able to actually process all the traffic they're sending your way. An effective way of using arpspoof (I don't doubt there are many other approaches) would be to target a single box on your LAN (victim), and convince the gateway (router) that you (attacker) are the victim. Similarly, you can convince the victim that you are the router, creating a perfect man-in-the-middle scenario. In this case, you only have one box's traffic to handle, instead of your whole LAN. Hope this helps, Daniel
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
______________________________________________________________________ Games, Movies, Music & Sports! http://entertainment.yahoo.ca ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Arp spoofing & dsniff Vs Metal (May 05)
- Re: Arp spoofing & dsniff Michael Thumann (May 05)
- Re: Arp spoofing & dsniff Daniel Polombo (May 06)
- Re: Arp spoofing & dsniff kumar mahadevan (May 06)
- Re: Arp spoofing & dsniff Ryan Russell (May 06)
- Re: Arp spoofing & dsniff kumar mahadevan (May 06)
- Re: Arp spoofing & dsniff Ryan Russell (May 06)
- Re: Arp spoofing & dsniff Sumit Dhar (May 07)
- Re: Arp spoofing & dsniff kumar mahadevan (May 06)
- Re: Arp spoofing & dsniff Sumit Dhar (May 06)
- Re: Arp spoofing & dsniff The D (May 10)
- <Possible follow-ups>
- Re: Arp spoofing & dsniff Sumit Dhar (May 07)
- Re: Arp spoofing & dsniff jsyn (May 09)
- Re: Arp spoofing & dsniff woof (May 13)