RE: Ping a mac address

["Dario Ciccarone (dciccaro)" <dciccaro () cisco com>]

> > For instance, I have a few IP cameras around my 
> infrastructure... If 
> > I add a static ARP entry for the MAC to some arbitrary IP 
> (that's still on 
> > my subnet) I can use that arbitrary IP to access the unit's HTTP 
> > configuration... works just fine.
>
> You're lucky to be facing theses non RFC compliant devices :)))

Agree with Cedric here. Which opens another issue: say your device
assigned IP address is 1.2.3.4, MAC A, and the device also allows you to
configure access control based on IP address - this would probably allow
you to bypass those controls.

But - iff the IP stack is so dumb, which source address does it use to
reply? The real IP address configured on its interface? Or it just swaps
SRC/DST on the original packet? That would allow 2-way communications.

Guess it works on Axis cameras at least, if you're able to do the 3-way
and actually configure them ;)

Dario

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------