Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re^3: ARP poisoning and redirection

by Anonymous Monk
on Feb 13, 2016 at 13:42 UTC ( #1155158=note: print w/replies, xml ) Need Help??


in reply to Re^2: ARP poisoning and redirection
in thread ARP poisoning and redirection

I don't see what the ultimate goal is here. Are you trying to set up a DoS or an ARP hijack? If the latter, you probably want to enable ip_forward also. You haven't elaborated on the network topology, either. Protocol/flow description with the "usual suspects" Alice, Bob, Celia would no doubt be enlightening.

If you want to work a trick in the classroom, you've plenty of alternatives. For example: scripted login to plug the holes and harden all hosts. In any case, please refrain from posting script-kiddie tools.

Replies are listed 'Best First'.
Re^4: ARP poisoning and redirection
by QuillMeantTen (Friar) on Feb 13, 2016 at 23:50 UTC

    I will quote my first post and explain it since it seems it was not clear enough:
    First, in bold:

    I do not intend to use on any network that is not mine to own and rule other as I see fit meaning made of machines I own as in paid for.
    Since the networking workshop is not made of machines that I own as stated in the first post I fail to see where I implied I would use my script in that setting.

    Next thing, if you had taken the time to read the code in said first post as well as that sentence:
    The idea came to me after other students told me that during the networking workshops at uni great pranks were to be played on unsuspecting marks : since all computers shared the same login and password one could decide to log into someone else's computer and either eject the legitimate user or reboot the machine.
    You would have understood that I am not trying either a DoS or an ARP hijacking (which is quite obvious if you just read the arp part of my code) but hey lets clarify that too.
    I am trying to tell a potential attacker that my machine has someone else's mac address. It is the opposite of an arp hijacking. The goal is to have their frames sent somewhere else in such a way that they will not be able to cause harm.

    Now onto the next thing, I would be most grateful if you were to explain to me in what way this is <q>script-kiddie code</q>. I am only a neophyte when it comes to network protocols or perl and I know I have a lot of things to learn but I fail to see where this code could be used to either DOS or arp hijack without so much of rewriting it would be equivalent to start from scratch. But do enlighten me so I do not make the same mistake again.

[reply]

      a hash with all the ip/mac couples to be found on the local segment ... mac/ip couple is selected ... ARP replies are sent
      If the switch learns from the faux replies, it may begin to forward you the traffic intended for that address. In effect, you're DoS'ing the innocent bystander.

      Other hosts on the network are your peers. One needs administrative control (of the networking equipment) to choke ports or enforce policies. Also, as far as layer 2 protocol is concerned, the "attacker" here is a well-behaving host.

      I encourage everyone to contemplate on the philosophy of the well-known Part 15 of FCC rules:

      1) This device may not cause harmful interference.
      2) This device must accept any interference received, including interference that may cause undesired operation.

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://1155158]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (3)
As of 2022-07-04 00:28 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found
    Notices?