Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: MAC address spoofing - conflict?

from [Fabio Nigi] Network Security [Permanent Link]
Subject: Re: MAC address spoofing - conflict?
Date: Mon, 28 Aug 2006 13:06:37 +0200 
 Mon, Aug 28, 2006 at 01:54:25AM -0000, penetrationtestmail@gmail.com scrive:

Thank you very much!


In other words:


If it is a hub (as most wireless APs are), you can have a duplicate MAC on 
the network as long as you set your own, different IP. Once you have 
different IPs, you will receive your own traffic, and the original client 
will receive theirs, as packets are routed using the IP address rather than 
the MAC address.


A switch, on the other hand, routes packets to clients using their MAC 
address rather than the IP address, so you're more likely to have problems in 
this situation - however, this hardly ever applies to APs, especially SOHO 
ones (as they are hubs).




i think that the routing table of the switch is being taken on the MAC
address until the disconnection of host1.

For example, let's take MAC1 (connected) and Attacker. If Attacker
spoof the MAC address of MAC1, he can try to change it with
macchanger, but he will not be really connected until the other client
will be connected to the AP. So Attacker need to use some
disconnection-tool (aircrack for example) and before that MAC1 try to
reconnect, must connect to the AP with his MAC address.


Fabio



Is that correct?


Thank you ;)

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


-- 

'if you do not see the way, you do not see it even as you walk it'
nigifabio(at)gmx.it // superfabiolone.dyndns.org gpg key id:F7B8DD3F



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: C# Exceptions, Patrick
Next by Date:  Re: C# Exceptions, 3 shool
Previous by Thread:  Re: MAC address spoofing - conflict?, penetrationtestmail
Next by Thread:  Re: MAC address spoofing - conflict?, Cedric Blancher
Indexes:  [Date] [Thread] [Top] [All Lists]