Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic

Re^4: ARP poisoning and redirection

by QuillMeantTen (Friar)
on Feb 13, 2016 at 23:50 UTC ( #1155187=note: print w/replies, xml ) Need Help??

in reply to Re^3: ARP poisoning and redirection
in thread ARP poisoning and redirection

I will quote my first post and explain it since it seems it was not clear enough:
First, in bold:

I do not intend to use on any network that is not mine to own and rule other as I see fit meaning made of machines I own as in paid for.
Since the networking workshop is not made of machines that I own as stated in the first post I fail to see where I implied I would use my script in that setting.

Next thing, if you had taken the time to read the code in said first post as well as that sentence:
The idea came to me after other students told me that during the networking workshops at uni great pranks were to be played on unsuspecting marks : since all computers shared the same login and password one could decide to log into someone else's computer and either eject the legitimate user or reboot the machine.
You would have understood that I am not trying either a DoS or an ARP hijacking (which is quite obvious if you just read the arp part of my code) but hey lets clarify that too.
I am trying to tell a potential attacker that my machine has someone else's mac address. It is the opposite of an arp hijacking. The goal is to have their frames sent somewhere else in such a way that they will not be able to cause harm.

Now onto the next thing, I would be most grateful if you were to explain to me in what way this is <q>script-kiddie code</q>. I am only a neophyte when it comes to network protocols or perl and I know I have a lot of things to learn but I fail to see where this code could be used to either DOS or arp hijack without so much of rewriting it would be equivalent to start from scratch. But do enlighten me so I do not make the same mistake again.

Replies are listed 'Best First'.
Re^5: ARP poisoning and redirection
by Anonymous Monk on Feb 14, 2016 at 10:39 UTC

    a hash with all the ip/mac couples to be found on the local segment ... mac/ip couple is selected ... ARP replies are sent
    If the switch learns from the faux replies, it may begin to forward you the traffic intended for that address. In effect, you're DoS'ing the innocent bystander.

    Other hosts on the network are your peers. One needs administrative control (of the networking equipment) to choke ports or enforce policies. Also, as far as layer 2 protocol is concerned, the "attacker" here is a well-behaving host.

    I encourage everyone to contemplate on the philosophy of the well-known Part 15 of FCC rules:

    1) This device may not cause harmful interference.
    2) This device must accept any interference received, including interference that may cause undesired operation.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1155187]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (4)
As of 2022-05-21 07:10 GMT
Find Nodes?
    Voting Booth?
    Do you prefer to work remotely?

    Results (76 votes). Check out past polls.