Re: Man in the middle attack help

From: Roman Shirokov (insecure@yandex.ru)
Date: Sat Mar 25 2006 - 12:57:56 EST


Hello atomic-spark,

Friday, March 24, 2006, 9:56:21 AM, you wrote:

> Greetings to all,

 

> I was wondering if anyone knew of a windows or freebsd program
> that can spam MAC addresses through a network so I can overflow a
> switch,

> The program is needed for a practical lab I’m setting up to help
> with my education into security and pen-testing because I would like
> to expand on what I’m learning at uni, at home in a lab environment
> of course.

 
Try EtherFlood - http://ntsecurity.nu/toolbox/etherflood/

EtherFlood floods a switched network with Ethernet frames with random hardware addresses.

and

Macof from Dsniff - http://monkey.org/~dugsong/dsniff/
Dsniffs "macof" generates random MAC addresses exhausting the switch's memory.
It is capable of generating 155,000 MAC entries on a switch per minute.
Some switches than revert to acting like a hub.

-- 
 Roman Shirokov
 Systems Administrator
 CNA
 e-mail: insecure@yandex.ru
 http://securitybox.org.ru
 Key fingerprint: 85A4 8586 FEEE 171B D0F1  A9C1 27C8 A907 EE45 7D0E  
 
 Living in digital, thinking in binary, talking on IP - welcome to our world!
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:44 EDT