shawn.a.cliffordLMCO.COM

• Next message: Clifford, Shawn A: "Re: More on ARP cache poisoning"
• Previous message: Oliver Friedrichs: "Re: distributed.net and setihome"
• Next in thread: Clifford, Shawn A: "Re: More on ARP cache poisoning"
• Reply: Clifford, Shawn A: "Re: More on ARP cache poisoning"
• Reply: Sebastian: "Re: More on ARP cache poisoning"
• Reply: Bryce Walter: "Re: More on ARP cache poisoning"
• Reply: Forrest W. Christian: "Re: More on ARP cache poisoning"
• Reply: ulan: "Re: More on ARP cache poisoning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I tried to see if it would be possible to poison the ARP cache of my machine
(Solaris 2.6) so that it contained an Ether address of a local machine, but
the IP address of a machine outside my network (prep.ai.mit.edu, for
example).

I didn't work. Not with the 'poink' program nor with 'arp -s <host>
<ether>'. The ARP cache in Solaris anyway is smart enough to not take
entries for remote networks. Maybe someone else can try on Linux and other
platforms. I will try under HP-sUX when I get a chance.

So, this pretty much makes moot hijacking the SETI download, etc. You can
ony use the ARP poison to redirect connections _within_ or LAN.

If anybody finds a way around this, please post the solution.

-- Shawn

• Next message: Clifford, Shawn A: "Re: More on ARP cache poisoning"
• Previous message: Oliver Friedrichs: "Re: distributed.net and setihome"
• Next in thread: Clifford, Shawn A: "Re: More on ARP cache poisoning"
• Reply: Clifford, Shawn A: "Re: More on ARP cache poisoning"
• Reply: Sebastian: "Re: More on ARP cache poisoning"
• Reply: Bryce Walter: "Re: More on ARP cache poisoning"
• Reply: Forrest W. Christian: "Re: More on ARP cache poisoning"
• Reply: ulan: "Re: More on ARP cache poisoning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]