OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Victor Acosta (victormTERRABOX.COM)
Date: Thu Mar 29 2001 - 14:11:21 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

            What about Vlan Managers from Switches that handles MAC Address
    Adminintration not IPs?

                               .o0 Victor M. Acosta 0o.
                                 victormterrabox.com
                                    ICQ# 49693703
                                    

    On Wed, 28 Mar 2001, Nick Summy wrote:

    > Now I hardly know anything about this subject, so correct me If im wrong,
    > but I have a few questions.
    >
    > >From what it looks like, your computer is able to see all requests for IP
    > addresses on some cable networks. Now lets say you got an IP address that
    > was orignaly supposed to be going to someone else. A. Wouldnt the cable
    > network realize that the IP Address didnt go to the correct person
    > (verification by MAC Address?) and B. Where does this leave person who the
    > IP address was originally supposed to go to? Do they just request another
    > one and get it? And if so would the cable network allow a person to grab 2
    > IP addresses?
    >
    > I may be totally off based by this, and if so let me know, but these seem
    > like common sense questions.
    >
    > Nick Summy
    >
    >
    >
    > -----Original Message-----
    > From: VULN-DEV List [mailto:VULN-DEVSECURITYFOCUS.COM]On Behalf Of
    > Patrick Maartense
    > Sent: Wednesday, March 28, 2001 2:14 AM
    > To: VULN-DEVSECURITYFOCUS.COM
    > Subject: Hijack IP Address using cable modem
    >
    >
    > DISCLAIMER
    > A large cablenetwork company has been informed of this MISBEHAVIOUR and
    > threatened to disconnect me. they would not think of a proper sollution :
    >
    > Purpose: A Hackers dream, work from your won PC with IP Addresses someone
    > else owns:
    >
    > In short, Occupy IP Addresses someone else normally owns.
    > Normal Broadband Cable networks either give out DHCP Addresses or a Fix
    > Address or Address range.
    >
    > When doing a SNIF on the outbound iface a proper designed network should
    > not broadcast ARP request not meant for the network on that end of the
    > CableModem.
    >
    > Some Networks However are Weak Configurred and broadcast ARP for the
    > entire shared medium through all Cable Modems attached to that Network.
    >
    > A smart hacker would setup the outbound iface to reply to all ARP requests
    > it gets, therefor being able to take any IP Address that is broadcasted
    > for.
    >
    > This makes folliwng possible:
    >
    > Dos.
    > Hacking using Outhers Addresses
    > Not to mention all other fun...
    >
    >
    > any Comments on this ?
    >
    > --
    > ---
    > Kind Regards
    > Patrick Maartense (using Pine on a Text Console)
    >