Home page logo

nmap-dev logo Nmap Development mailing list archives

Send ARP before spoof
From: "flacman" <flacman () gmail com>
Date: Mon, 5 Nov 2007 09:29:35 -0500

Hi, i've been testing a los nmap IpSpoof function, and some times it doesn't
function. I was wondering why, so I make tests using whireshark. The reason
was that sometimes the router/switch don't have in it's cache the mac
address of the source (the attacker) so it have to send arp packages to see
who was the owner of that ip. In other word's it makes like a blind ipSpoof.
So, I propose to send first some spoofed arp packages first to fill the
router/switch cache first.




Flacman [at] colombiaunderground.org

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
  • Send ARP before spoof flacman (Nov 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]