on that same note since the discussion is about MAC spoofing. I have a basic question and need some help in this regard; If I am on a Switched network and I change my MAC address on my RH 7 box to the victim's (using IFCONFIG). Now, how do I capture say for e.g Telnet sessions between the victim and a server running telnet service. I don't want to ARP cache poison nor MAC flood the switch. of course TCPDUMP host victim's IP address only gives me NBT queries sent. I'd like to see layer 7 traffic thanks ! kumar. --- Daniel Polombo <polombo@cartel-securite.fr> wrote: > Vs Metal wrote: > > > - arpspoof : as soon as i lauch arpspoof, the > network is > > almost out of service. I mean i can still ping pcs > between > > eachother, but the telnet sessions won't open. ( I > ENABLED > > THE IPFORWARDING OPTION ON MY LINUX COMPUTER, and > it works > > as the pings go through it ). > > There are many ways of using arpspoof. If, for > instance, you're trying > to convince everyone on your network that you are > their default gateway, > depending on the size of your network, you might not > be able to actually > process all the traffic they're sending your way. > > An effective way of using arpspoof (I don't doubt > there are many other > approaches) would be to target a single box on your > LAN (victim), and > convince the gateway (router) that you (attacker) > are the victim. > Similarly, you can convince the victim that you are > the router, creating > a perfect man-in-the-middle scenario. In this case, > you only have one > box's traffic to handle, instead of your whole LAN. > > Hope this helps, > > Daniel > > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus Security > Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA > service which > automatically alerts you to the latest security > vulnerabilities please see: > https://alerts.securityfocus.com/ > > > ______________________________________________________________________ Games, Movies, Music & Sports! http://entertainment.yahoo.ca ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon May 06 2002 - 11:23:50 PDT