Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IP Spoofing with DHCP ?

From: Andre Monteiro <Andre_Monteiro () TECNIDATA PT>
Date: Wed, 20 Sep 2000 12:44:14 +0100
 In this type of networks it's normal that the connection to the internet is
made by a gateway with nat or something like that if you statically assign
your ip address to be the same as the gateway you can bring down the
connection to the internet. I have tested this in a Internet Fair in my
country.

André Monteiro

-----Original Message-----
From: Nathan Einwechter
To: VULN-DEV () SECURITYFOCUS COM
Sent: 18-09-2000 20:09
Subject: Re: IP Spoofing with DHCP ?

Actually, this has been an attack which has been demonstrated, written
on,
and used in the cable networks which are currently present.

What you can do is basically DoS, or wait, untill the other persons box
is
down. At this point, it is possible to statically assign your IP to the
same
as yours.

Using this method, you can effectively frame someone for doing net
attacks
etc. There may be other interesting things you can do with this
hijacking of
the IP though, which I haven't thought of. It is also possible to hijack
an
SSL or HTTPS session if this is done with the right timing, and a packet
sniffer is utilised. I have actually demonstrated this a few times in
the
past.

Hope this helps.

-- Nathan Einwechter
   (PsychoSpy)
Previous By Date Next
Previous By Thread Next

Current thread: