Penetration Testing mailing list archives

Re: Arp spoofing & dsniff

From: kumar mahadevan <kumar_mahadevan_6 () yahoo ca>
Date: Mon, 6 May 2002 11:37:03 -0400 (EDT)

on that same note since the discussion is about MAC
spoofing.

I have a basic question and need some help in this
regard;

If I am on a Switched network and I change my MAC
address on my RH 7 box to the victim's (using
IFCONFIG). Now, how do I capture say for e.g Telnet
sessions between the victim and a server running
telnet service.

I don't want to ARP cache poison  nor MAC flood the
switch.

of course TCPDUMP host victim's IP address only gives
me NBT queries sent. I'd like to see layer 7
traffic

thanks !

kumar.


--- Daniel Polombo <polombo () cartel-securite fr> wrote:

Vs Metal wrote:

- arpspoof : as soon as i lauch arpspoof, the

network is

almost out of service. I mean i can still ping pcs

between

eachother, but the telnet sessions won't open. ( I

ENABLED

THE IPFORWARDING OPTION ON MY LINUX COMPUTER, and

it works

as the pings go through it ).


There are many ways of using arpspoof. If, for
instance, you're trying 
to convince everyone on your network that you are
their default gateway, 
depending on the size of your network, you might not
be able to actually 
process all the traffic they're sending your way.

An effective way of using arpspoof (I don't doubt
there are many other 
approaches) would be to target a single box on your
LAN (victim), and 
convince the gateway (router) that you (attacker)
are the victim. 
Similarly, you can convince the victim that you are
the router, creating 
a perfect man-in-the-middle scenario. In this case,
you only have one 
box's traffic to handle, instead of your whole LAN.

Hope this helps,

   Daniel

----------------------------------------------------------------------------

This list is provided by the SecurityFocus Security
Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA
service which
automatically alerts you to the latest security
vulnerabilities please see:
https://alerts.securityfocus.com/



______________________________________________________________________ 
Games, Movies, Music & Sports! http://entertainment.yahoo.ca

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Arp spoofing & dsniff Vs Metal (May 05)
- Re: Arp spoofing & dsniff Michael Thumann (May 05)
- Re: Arp spoofing & dsniff Daniel Polombo (May 06)
  - Re: Arp spoofing & dsniff kumar mahadevan (May 06)
    - Re: Arp spoofing & dsniff Ryan Russell (May 06)
    - Re: Arp spoofing & dsniff kumar mahadevan (May 06)
    - Re: Arp spoofing & dsniff Ryan Russell (May 06)
    - Re: Arp spoofing & dsniff Sumit Dhar (May 07)
  - Re: Arp spoofing & dsniff Sumit Dhar (May 06)
  - Re: Arp spoofing & dsniff The D (May 10)
- Re: Arp spoofing & dsniff Iván Arce (May 09)
- <Possible follow-ups>
- Re: Arp spoofing & dsniff Sumit Dhar (May 07)
  - Re: Arp spoofing & dsniff jsyn (May 09)
  - Re: Arp spoofing & dsniff woof (May 13)

(Thread continues...)