Vulnerability Development mailing list archives

Hijack IP Address using cable modem

From: Patrick Maartense <patrick () PATRICK AT>
Date: Wed, 28 Mar 2001 10:14:16 +0200

DISCLAIMER
A large cablenetwork company has been informed of this MISBEHAVIOUR and
threatened to disconnect me. they would not think of a proper sollution :

Purpose: A Hackers dream, work from your won PC with IP Addresses someone
else owns:

In short, Occupy IP Addresses someone else normally owns.
Normal Broadband Cable networks either give out DHCP Addresses or a Fix
Address or Address range.

When doing a SNIF on the outbound iface a proper designed network should
not broadcast ARP request not meant for the network on that end of the
CableModem.

Some Networks However are Weak Configurred and broadcast ARP for the
entire shared medium through all Cable Modems attached to that Network.

A smart hacker would setup the outbound iface to reply to all ARP requests
it gets, therefor being able to take any IP Address that is broadcasted
for.

This makes folliwng possible:

Dos.
Hacking using Outhers  Addresses
Not to mention all other fun...


any Comments on this ?

--
---
Kind Regards
Patrick Maartense (using Pine on a Text Console)

Current thread:

Hijack IP Address using cable modem Patrick Maartense (Mar 28)
- Re: Hijack IP Address using cable modem Nick Summy (Mar 28)
  - Re: Hijack IP Address using cable modem Patrick Patterson (Mar 28)
    - Re: Hijack IP Address using cable modem cdowns (Mar 28)
    - Re: Hijack IP Address using cable modem Larry W. Cashdollar (Mar 28)
    - Re: Hijack IP Address using cable modem Bill Munger (Mar 29)
    - Re: Hijack IP Address using cable modem Mathias Wegner (Mar 28)
    - Re: Hijack IP Address using cable modem Dick Visser (Mar 28)
    - Re: Hijack IP Address using cable modem Reb (Mar 29)
    - Re: Hijack IP Address using cable modem Patrick Maartense (Mar 28)
    - Re: Hijack IP Address using cable modem Patrick Maartense (Mar 28)

(Thread continues...)