Vulnerability Development mailing list archives

Re: fooling hubs [ARP Spoofing]

From: brian.d.mila () LMCO COM (Mila, Brian D)
Date: Thu, 10 Feb 2000 10:27:07 -0500


On Tuesday, February 08, 2000 6:41 PM, Vincent; Christopher
[SMTP:christophervincent () STMARKSSCHOOL ORG] wrote:

cable modem is talking to.  If I programed the MAC of one of my spare NICs
to that of that one that M1 knows I have, i bet it will work.  If I

program

it to the MAC of my friends, i bet that it will think that I am my friend!
Now, M1 doesnt have a download limit / cap (its has a speed cap at 1.5mbps
down and 356kbps up) so it would not serve any purpose other than

discovery

on how M1 actually authenticates.  The only danger that it could pose to
spoof my friends MAC is that some M1 websites let you change your e-mail
password and some e-mail settings, and they used (last time I checked) to
authenticate by the cable modem you were on.


You might also be able to DOS your friend.  If mediaone denies access to two
identical MAC's, then using
your friends MAC might prevent him from connecting.  Also, any reports of
misuse coming in might get
traced back to your friend and not to you.  Just a thought.

Brian

Current thread:

Re: its: recursion, (continued)
- - - Re: its: recursion Sean Burford (Feb 09)
    - Hellvisory #0001! Lucifer Mirza (Feb 09)
    - Re: its: recursion Blue Boar (Feb 09)
    - Re: its: recursion Dmitry Alyabyev (Feb 10)
    - Re: recursion Blake Frantz (Feb 09)
    - Re: Notes Domino Server Platform for e-commerce? Gerardo Richarte (Feb 10)
- Re: fooling hubs [ARP Spoofing] Vincent; Christopher (Feb 08)
  - Re: fooling hubs [ARP Spoofing] Bobb Voigt (Feb 11)
- Re: fooling hubs [ARP Spoofing] Clifford, Shawn A (Feb 09)
  - Re: fooling hubs [ARP Spoofing] David Basden (Feb 09)
- Re: fooling hubs [ARP Spoofing] Mila, Brian D (Feb 10)