Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: fooling hubs [ARP Spoofing]

From: pmal () SPACE GR (Panagiotis Malakoudis)
Date: Fri, 4 Feb 2000 09:10:06 +0200

What is the type of your connection to your ISP?
If it is a leased line and they reserved a specific port on their router
then changing the mac address wont do anything since they measure the
traffic passed though that interface, regarding mac or ip address of the
machine making the request.
I don't see how just by changing your mac address one could fool the service
provider.
Please provide more info.

=================
Panagiotis S. Malakoudis
Systems Administrator
Space Hellas S.A.
=================

----- Original Message -----
From: "David aka SpanskA" <spanska_ () HOTMAIL COM>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Friday, February 04, 2000 12:05 AM
Subject: fooling hubs [ARP Spoofing]

Hi,
   I was looking at ARP spoofing postings for a while and I was wondering if
it was possible to permanently fool some hubs or routers. My ISP
(Cablevision) is using some kind of system to know how much I'm uploading
and downloading.

I succesfully did it one time with a little prog called "changemac". If you
wanna look at it just go to packetstorm archive. Unfortunately, the last
month I checked the data report I could see that my ISP was able to know
(again!) how much I was downloading and uploading.

Is this a bug with some kind of hardware or with ARP protocol?

Sorry for my English mistakes...

David Laganière
Administrator
e-mail: root () securinet qc ca
www: http://www.securinet.qc.ca/
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
Previous By Date Next
Previous By Thread Next

Current thread: