Hello,
Wired interfaces have a different MAC address then the wireless
interface for the same device -- It's not truly a single device at
the board-component level. Some manufactures put a sicker someplace
with both.
Regards,
--
Jason Muskat | GCFA, GCUX - de VE3TSJ
____________________________
TechDude
e. Jason@TechDude.Ca
m. 416 .414 .9934
http://TechDude.Ca/
On 12-Jun-07, at 8:33 PM, curiouscode wrote:
I have a linksys wireless AP and router. I have been monitoring my
ethernet
traffic on the wireless laptop (cant put the card into promiscuous
mode), so
I know I cant see all the traffic that is out there.
I have WEP and I know its trivial to break it, I am suspicious it
has been
broken, but I have not changed the key- because I need to prove it
to my SO
that we need to get WAP.
I noticed something odd yesterday. This is my configuration: 1
wireless
laptop A, one computer wired directly connected to router with
cable, B
router ip: 192.168.1.1
Wireless PORT on the router: 00:11:22:33:44:55:90
Port to which wired Computer B is connected: 00:11:22:33:44:55:8E
Arp table on wireless computer shows: 192.168.1.1 --
>00:11:22:33:44:55:8E
since the MAC address is that of the wired port, I was wondering
what is
going on, so I made a static arp entry in wireless comp A
192.168.1.1 -->00:11:22:33:44:55:90
Something I did not expect happened,as I watehced the packets with
ethereal.
My outgoing packets has ethernet address of the actual wireless
port MAC,
which I just added ie., 00:11:22:33:44:55:90, BUT the incoming
packets has
the reply coming from 00:11:22:33:44:55:8E.
My questions:
Is there a logical explanation for this ?
If someone was masquerading as 00:11:22:33:44:55:8E/192.168.1.1 AP,
would
that not cause a problem with the real AP having 8E as a port(wired
port)
Can there be NICS on the same network with same mac-address -what
happens
then ?
Since my wired computer A is connected to the physical
00:11:22:33:44:55:8E
port, can someone who is a wireless NIC of the same MAC
00:11:22:33:44:55:8E
-hear traffic from my wired computer-which is destined for the
router ?
Thanks
--
View this message in context: http://www.nabble.com/send-to-MAC-A%
2C-reply-from-MAC-B%2C-same-IP.-Whats-going-on---
tf3911609.html#a11090445
Sent from the Incidents mailing list archive at Nabble.com.
----------------------------------------------------------------------
---
This list sponsored by: SPI Dynamics
ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper
It's as simple as placing additional SQL commands into a Web Form
input box
giving hackers complete access to all your backend systems!
Firewalls and IDS
will not stop such attacks because SQL Injections are NOT seen as
intruders.
Download this *FREE* white paper from SPI Dynamics for a complete
guide to protection!
https://download.spidynamics.com/1/ad/sql.asp?
Campaign_ID=70160000000Cn8E
----------------------------------------------------------------------
----
-------------------------------------------------------------------------
This list sponsored by: SPI Dynamics
ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper
It's as simple as placing additional SQL commands into a Web Form input box
giving hackers complete access to all your backend systems! Firewalls and IDS
will not stop such attacks because SQL Injections are NOT seen as intruders.
Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!
https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000Cn8E
--------------------------------------------------------------------------
