Re: Redirecting traffic

From: Rodrigo Blanco (rodrigo.blanco.r@gmail.com)
Date: Sun Aug 07 2005 - 08:07:01 EDT

• Next message: Rochford, Paul: "RE: AD password Auditing"
• Previous message: Pigeon: "Re: What are some good sources to keep me up top :) ?"
• In reply to: Andres Molinetti: "Redirecting traffic"
• Next in thread: Liam Randall: "RE: Redirecting traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello Andrés,

I wold say that if you ARP-spoof the client, you will be able to
perform a full man-in-the-middle attack betwee the client and the
server on Layer 2 (no layer 3 - routing, IP) changes needed.

An application like ettercap should be a good beginning for this. It
is really easy to use and you ca find plenty of doc just by googling.

Regards,
Rodrigo.

On 8/5/05, Andres Molinetti <andymolinetti@hotmail.com> wrote:
> I am pen-testing a client application and I 've found, analysing traffic
> dumps, that it seems to connect to a hardcoded internal IP and retrieve data
> from a strange port that is afterwards displayed in the application.
> I want to be able to redirect that traffic to another IP in order to test it
> for overflows and other issues.
> I have found a way to change the default gateway of the application's host.
> So I thought of setting my linux box as its gateway and using iptables to
> redirect the traffic to the other IP.
> I'm needing help with the building of the rules...
>
> Thks,
> Andy
>
> _________________________________________________________________
> Descubre la descarga digital con MSN Music. Más de medio millón de
> canciones. http://music.msn.es/
>
>
> ------------------------------------------------------------------------------
> FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
>
> Learn the hacker's secrets that compromise wireless LANs. Secure your
> WLAN by understanding these threats, available hacking tools and proven
> countermeasures. Defend your WLAN against man-in-the-Middle attacks and
> session hijacking, denial-of-service, rogue access points, identity
> thefts and MAC spoofing. Request your complimentary white paper at:
>
> http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
> -------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

• Next message: Rochford, Paul: "RE: AD password Auditing"
• Previous message: Pigeon: "Re: What are some good sources to keep me up top :) ?"
• In reply to: Andres Molinetti: "Redirecting traffic"
• Next in thread: Liam Randall: "RE: Redirecting traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:42 EDT