Penetration Testing mailing list archives
Re: MAC address spoofing - conflict?
From: Fabio Nigi <nigifabio () gmx it>
Date: Mon, 28 Aug 2006 13:06:37 +0200
Mon, Aug 28, 2006 at 01:54:25AM -0000, penetrationtestmail () gmail com scrive:
Thank you very much! In other words: If it is a hub (as most wireless APs are), you can have a duplicate MAC on the network as long as you set your own, different IP. Once you have different IPs, you will receive your own traffic, and the original client will receive theirs, as packets are routed using the IP address rather than the MAC address. A switch, on the other hand, routes packets to clients using their MAC address rather than the IP address, so you're more likely to have problems in this situation - however, this hardly ever applies to APs, especially SOHO ones (as they are hubs).
i think that the routing table of the switch is being taken on the MAC address until the disconnection of host1. For example, let's take MAC1 (connected) and Attacker. If Attacker spoof the MAC address of MAC1, he can try to change it with macchanger, but he will not be really connected until the other client will be connected to the AP. So Attacker need to use some disconnection-tool (aircrack for example) and before that MAC1 try to reconnect, must connect to the AP with his MAC address. Fabio
Is that correct? Thank you ;) ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
-- 'if you do not see the way, you do not see it even as you walk it' nigifabio(at)gmx.it // superfabiolone.dyndns.org gpg key id:F7B8DD3F ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
Current thread:
- Re: MAC address spoofing - conflict?, (continued)
- Re: MAC address spoofing - conflict? Lubos Kolouch (Aug 21)
- Re: MAC address spoofing - conflict? Michael Dieroff (Aug 21)
- Re: MAC address spoofing - conflict? Cedric Blancher (Aug 21)
- Re: MAC address spoofing - conflict? dogten (Aug 21)
- R: MAC address spoofing - conflict? Sebastian Zdrojewski (Aug 21)
- RE: MAC address spoofing - conflict? Upadhyaya, Vijay (Aug 23)
- Re: MAC address spoofing - conflict? Gavin White (Aug 21)
- Re: MAC address spoofing - conflict? Fabio Nigi (Aug 28)
- Re: MAC address spoofing - conflict? Cedric Blancher (Aug 29)