-
August 2nd, 2006, 11:16 AM
#1
cain arp poisoning
when i do the arp poisoning (sniffing) using cain ... how will it affect my network (in what way ... how will it be noticible ... what effects will it have)
-
August 2nd, 2006, 11:40 AM
#2
Typically if you read the docs that come with the tool, this sort of thing is explained. Also, if you don't understand what the effects will be, it's better not to play on a network you don't own.
Have a look here:
http://en.wikipedia.org/wiki/ARP_poisoning
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
August 2nd, 2006, 02:57 PM
#3
Junior Member
Sounds like some good advice to me, but I can guarantee that the arp poisoning will be noticed if you have anyone who is monitoring an IDS that uses amomoly detection. On top of that you will be definitely stirring up some more traffic 'especially suspicious traffic'. If your not sure on this and you don't own the network, better to not start playing. Practice on your own home lab.
-
August 3rd, 2006, 02:40 AM
#4
in C47's defense... he did say 'my network' but that could mean any number of things... I have found however, that if you try to poison too many hosts on the network, it can result in a denial of service [DOS]... but like the previous posts stated, experiment on your home network... in any other setting, this could be considered extremely unethical and possibly illegal.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
-HST
-
August 6th, 2006, 05:48 AM
#5
thx everyone...so basically its a dos in progress (that can stop the network altogether) ....
the reason i asked this was that with cain, i find multiple adapters and i cant seem to find my own adpter for the network....i dont want to go ahead and start 'arping' some other companies network.....
i want to 'sniff' my own network not some one elses......but cain doesnt show my network address
everyonein my network has the same adpter (D-Link 530TX) but the adresses are different....howz that?
-
August 6th, 2006, 10:16 AM
#6
i dont want to go ahead and start 'arping' some other companies network.....
everyonein my network has the same adpter (D-Link 530TX) but the adresses are different....howz that?
To whom does this network actually belong? if it really IS YOURS, how do you expect to inadvertently access the network of another company?
If this network does NOT belong to you, as I strongly suspect, DO not mess about on it with things you obviously don't understand.
If all the devices on a network had the same address, how would the system know where to send things?................sending all packets to everybody would hardly be efficient?............ that really would DoS your network?
-
August 7th, 2006, 11:48 AM
#7
i feel like a uber n00b now....
To whom does this network actually belong? if it really IS YOURS, how do you expect to inadvertently access the network of another company?
sorry i just found out that the scan result in all my active network machines....
so heres the question
"APR enables you to hijack IP traffic between the selected host on the left list and all selected hosts on the right list in both directions. If a selected host has routing capabilities WAN traffic will be intercepted also. Please note that since your machine has not the same performance of a router you could cause DoS if you set APR between your Default Gateway and all other hosts on your LAN."
how fast is a router? why cant my machine be fast enough?
look plz dont panic....i was under the false impression that the left side was some kinda router and the right side was the list of machines connected to it....(i assumed that from the cain video from irongeeks)
-
August 7th, 2006, 12:33 PM
#8
No offense, but if you don't understand how each machine has the same model of network adapter, but different ip addresses... you have little understanding about TCP/IP, the OSI model, switching, ARP, hubs/switches, routing, etc.
I strongly recommend you get a better understanding of basic networking before you play around with tools like cain or ettercap. They are fun to toy around with, but if you don't understand what is going on... it's about worthless. And, as mentioned... you can cause some serious hicups on "your" network. I don't think the other users (not to mention the real admin) would appreciate your will to learn when done without regard for what you're actually doing.
Any decent networking book will teach you all of the above. Heck... even the Hacking Exposed series will teach you the basics along with give you a better understanding of what you're asking here.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
August 8th, 2006, 06:43 AM
#9
i got it now, i ran the arp poisoning for a minute and saw the packets transfer...my system wasnt able to keep up....guess thats about it then...
I found this good guide from datastronghold about Cain and Abel
http://www.datastronghold.com/content/view/136/29
i had the whole idea wrong..perhaps becoz i didnt read the cain messages properly and didnt watch the video with the sound on...lol
-
August 8th, 2006, 10:20 PM
#10
Ok well..what does the ARP poisioning mean? I knew that the DNS cache poisioning was changing the DNS chache of the remote computers' DNS server to make to redirect the browser to some other site when the victim types the address of his choice!
So does the ARP poisioning do somehing similar like make the machines believe that they are sending the data to the legitimate host whice it is being trasmitted to the "Hacker's" machine?
"Everything should be made as simple as possible, but not simpler."
- Albert Einstein
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|