Honeypots: Re: MAC address

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Honeypots mailing list archives

Re: MAC address

From: Cedric Blancher <blancher () cartel-securite fr>
Date: Sun, 07 Mar 2004 19:38:39 +0100

Le dim 07/03/2004 à 09:21, Our-team a écrit :

I am a graduate student and am doing a project on honeypots. Can a
person get the  remote MAC address of a machine. If it happens then he
can see that al the ip address of virtual honeypot point to a single
machine.


He can only if it "attacks" the honeypot from the same ethernet subnet.
Otherwise, he will only able to see the appropriate router MAC.

This can be a problem when you try to set up honeypots that are destined
to get very close to attacker, such as Wi-Fi honeypot or high
interaction ones.

-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE

Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!

By Date By Thread

Current thread:

MAC address Our-team (Mar 07)
- Re: MAC address Niels Provos (Mar 07)
- Re: MAC address Cedric Blancher (Mar 07)
- Re: MAC address methodyk (Mar 07)
- Re: MAC address Olaf Gellert (Mar 07)
- <Possible follow-ups>
- RE: MAC address Weaver, Woody (Mar 08)