Re: MAC address spoofing - conflict?

From: Fabio Nigi (nigifabio@gmx.it)
Date: Mon Aug 28 2006 - 07:06:37 EDT

• Next message: Patrick: "RE: C# Exceptions"
• Previous message: Marco Ivaldi: "Re: Vulnerability Assessment vs. PenTest"
• In reply to: penetrationtestmail@gmail.com: "Re: MAC address spoofing - conflict?"
• Next in thread: Cedric Blancher: "Re: MAC address spoofing - conflict?"
• Reply: Cedric Blancher: "Re: MAC address spoofing - conflict?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

 Mon, Aug 28, 2006 at 01:54:25AM -0000, penetrationtestmail@gmail.com scrive:
> Thank you very much!
>
>
> In other words:
>
>
> If it is a hub (as most wireless APs are), you can have a duplicate MAC on the network as long as you set your own, different IP. Once you have different IPs, you will receive your own traffic, and the original client will receive theirs, as packets are routed using the IP address rather than the MAC address.
>
>
> A switch, on the other hand, routes packets to clients using their MAC address rather than the IP address, so you're more likely to have problems in this situation - however, this hardly ever applies to APs, especially SOHO ones (as they are hubs).
>

i think that the routing table of the switch is being taken on the MAC
address until the disconnection of host1.

For example, let's take MAC1 (connected) and Attacker. If Attacker
spoof the MAC address of MAC1, he can try to change it with
macchanger, but he will not be really connected until the other client
will be connected to the AP. So Attacker need to use some
disconnection-tool (aircrack for example) and before that MAC1 try to
reconnect, must connect to the AP with his MAC address.

Fabio

>
> Is that correct?
>
>
> Thank you ;)
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php
> ------------------------------------------------------------------------

-- 
'if you do not see the way, you do not see it even as you walk it'
nigifabio(at)gmx.it // superfabiolone.dyndns.org gpg key id:F7B8DD3F
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

• Next message: Patrick: "RE: C# Exceptions"
• Previous message: Marco Ivaldi: "Re: Vulnerability Assessment vs. PenTest"
• In reply to: penetrationtestmail@gmail.com: "Re: MAC address spoofing - conflict?"
• Next in thread: Cedric Blancher: "Re: MAC address spoofing - conflict?"
• Reply: Cedric Blancher: "Re: MAC address spoofing - conflict?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:51 EDT