Vulnerability Development mailing list archives
Re: Hijack IP Address using cable modem
From: Nick Summy <playboy () NETINS NET>
Date: Wed, 28 Mar 2001 08:09:01 -0600
Now I hardly know anything about this subject, so correct me If im wrong, but I have a few questions.
From what it looks like, your computer is able to see all requests for IP
addresses on some cable networks. Now lets say you got an IP address that was orignaly supposed to be going to someone else. A. Wouldnt the cable network realize that the IP Address didnt go to the correct person (verification by MAC Address?) and B. Where does this leave person who the IP address was originally supposed to go to? Do they just request another one and get it? And if so would the cable network allow a person to grab 2 IP addresses? I may be totally off based by this, and if so let me know, but these seem like common sense questions. Nick Summy -----Original Message----- From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of Patrick Maartense Sent: Wednesday, March 28, 2001 2:14 AM To: VULN-DEV () SECURITYFOCUS COM Subject: Hijack IP Address using cable modem DISCLAIMER A large cablenetwork company has been informed of this MISBEHAVIOUR and threatened to disconnect me. they would not think of a proper sollution : Purpose: A Hackers dream, work from your won PC with IP Addresses someone else owns: In short, Occupy IP Addresses someone else normally owns. Normal Broadband Cable networks either give out DHCP Addresses or a Fix Address or Address range. When doing a SNIF on the outbound iface a proper designed network should not broadcast ARP request not meant for the network on that end of the CableModem. Some Networks However are Weak Configurred and broadcast ARP for the entire shared medium through all Cable Modems attached to that Network. A smart hacker would setup the outbound iface to reply to all ARP requests it gets, therefor being able to take any IP Address that is broadcasted for. This makes folliwng possible: Dos. Hacking using Outhers Addresses Not to mention all other fun... any Comments on this ? -- --- Kind Regards Patrick Maartense (using Pine on a Text Console)
Current thread:
- Hijack IP Address using cable modem Patrick Maartense (Mar 28)
- Re: Hijack IP Address using cable modem Nick Summy (Mar 28)
- Re: Hijack IP Address using cable modem Patrick Patterson (Mar 28)
- Re: Hijack IP Address using cable modem cdowns (Mar 28)
- Re: Hijack IP Address using cable modem Larry W. Cashdollar (Mar 28)
- Re: Hijack IP Address using cable modem Bill Munger (Mar 29)
- Re: Hijack IP Address using cable modem Mathias Wegner (Mar 28)
- Re: Hijack IP Address using cable modem Dick Visser (Mar 28)
- Re: Hijack IP Address using cable modem Reb (Mar 29)
- Re: Hijack IP Address using cable modem Patrick Patterson (Mar 28)
- Re: Hijack IP Address using cable modem Patrick Maartense (Mar 28)
- Re: Hijack IP Address using cable modem Patrick Maartense (Mar 28)
- Re: Hijack IP Address using cable modem Nick Summy (Mar 29)
- Re: Hijack IP Address using cable modem Nick Summy (Mar 28)