Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Spoofed IP address[Scanned]

from [Davie Elliott - Eluse] Network Security [Permanent Link]
Subject: Re: Spoofed IP address[Scanned]
Date: Sat, 23 Sep 2006 19:22:59 +0100 
If I remember correctly, the attacker doesn't use the same IP address... its
sends a forged ARP packet to the server to change the MAC address entry into
the server's ARP table to point to the attackers IP.

I think the solution to this is to setup a broadcast listener... a machine
that listens to Transmissions over the broadcast IP such as ARP requests.
The broadcast listener should listen out for MAC and IP spoofing.

----- Original Message ----- 
From: "xun dong" <xundong@cs.york.ac.uk>
To: <pen-test@securityfocus.com>
Sent: Friday, September 22, 2006 4:54 PM
Subject: Spoofed IP address[Scanned]



Thanks everyone who read and answer my question.

Given a scenario as below:

When someone wants to launch a man-in-the-middle attack on the
communication between the client and server. In order to make it more
transparent(hard to discover) can the attacker pretended to has the same
IP address as the server(when handling the communication with client
end) while pretending to has the same IP address as the client(when
handling the communication with server end). If it is possible, can you
tell me your solutions.

This is not used to generate real attacks, it is just a concern I come
cross when designing a communication system.

Thanks a lot.

Xun Dong

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.


http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW

------------------------------------------------------------------------







------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Spoofed IP address, Cedric Blancher
Next by Date:  Bluetooth Wireless Keyboards, Kevin white
Previous by Thread:  Re: Spoofed IP address, Cedric Blancher
Next by Thread:  pwdump6 1.4.0 and fgdump 1.3.2 Released, fizzgig
Indexes:  [Date] [Thread] [Top] [All Lists]