arp spoofing
Results 1 to 9 of 9

Thread: arp spoofing

  1. #1
    Member
    Join Date
    Jan 2003
    Posts
    47

    arp spoofing

    sorry if i posted this twice the fist time somthing weird happend can anyone direct me to a tut or tel me how to spoof an arp packet preferibly on engage paket builder but otehr things are fine too thanks

  2. #2
    Member
    Join Date
    Mar 2003
    Posts
    50
    Please take the time to search the forums prior to posting.
    I found the following by searching for 'arp spoofing' your post title...

    this will keep you in the groups graces...


    http://www.antionline.com/showthread...t=arp+spoofing

    Later...

  3. #3
    Member
    Join Date
    Jan 2003
    Posts
    47
    im sorry i was not clear in my fisrt post im not looking to spoof my MAC im wan tto spoof an arp reply

  4. #4
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    um i dont under stand what your talking about, whne you arp spoof what your doing is spoofing the MAC address in the switches cam table so when information that is sent to someone else is sent it actualy goes to you. ARP deals with MAC addresses, if you want to spoof an ip address that is something diffrent that is not arp spoofing.

  5. #5
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    QUOTE]im not looking to spoof my MAC im wan tto spoof an arp reply[/QUOTE]

    Well now that’s an interesting response. Since an ARP Request attempts to find the data link layer (MAC) address of a given IP Address.

    So I gotta ask you if you really know what you will be doing if you do spoof an ARP Response? I’ll let you know anyway. You will cause all other units on that network to update their ARP tables with the false mapping you created. Once these other tables contain the fictitious info, packets will be sent to the spoofed address. These packets could contain all kinds of sensitive information. FYI this is called the “Man in the Middle Attack” and a variant of the same is ARP Poisoning (both of which could introduce you to a cellmate called BuBBa).

    Won't help you there. But now if it is for testing on your own network, you should learn the whole thing instead of just having someone give you a packet builder or some other software. You should study and understand the elements/format of an ARP/RARP Request and Response. Below are some sites to get you started with a basic understanding of ARP and also you should study the TCP/IP Protocol Stack. So good luck.

    http://www.erg.abdn.ac.uk/users/gorr...pages/arp.html

    http://www.geocities.com/SiliconVall...twork/arp.html
    Connection refused, try again later.

  6. #6
    Member
    Join Date
    Jan 2003
    Posts
    47
    wait so can you correct me if im wrong an arp query is used when a computer is asked to send info to an ip that dose not have an entry in its arp table it then sends out an arp query on teh broadcast address that basicly says to all computers if your ip is X then send your MAC to Y Ybeing the computer that initiated the query. then the omputer X sends an arp response to Y saying that yes im ip X and this is My MAC. I want to know how to spoof this arp responce
    is my understanding of the proto wrong?

  7. #7
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    only thing that i see wrong is that computers dont amke arp requests switches make them.

  8. #8
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Technically "packet" spoofing software should be incapable of generating ARP requests, but that aside, engage appears to allow you to spoof the MAC, but not forge ARP traffic. This might be more along the lines of what you want: http://www.nextsecurity.net/products...inARPSpoof.htm

    Originally posted here by Relyt
    Once these other tables contain the fictitious info, packets will be sent to the spoofed address. These packets could contain all kinds of sensitive information. FYI this is called the “Man in the Middle Attack” and a variant of the same is ARP Poisoning (both of which could introduce you to a cellmate called BuBBa).
    ARP Spoofing is used for things other than MITM attacks (LAN-based DoS for instance) -- it is only MITM in situations where traffic is being illegitimately redirected to an unfriendly host. Technically, all ARP Spoofing is ARP Poisoning.

    Originally posted here by Riot
    only thing that i see wrong is that computers dont amke arp requests switches make them.
    Thank you for playing, but no, you are incorrect. ALL Ethernet devices that communicate via IP make ARP requests.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  9. #9
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    Thank you for playing, but no, you are incorrect. ALL Ethernet devices that communicate via IP make ARP requests.
    yes your correct sorry for my messup. must not have been thinking.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •