Penetration Testing: Re: [PEN-TEST] Arp Spoofing under WinNT 4.0

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: [PEN-TEST] Arp Spoofing under WinNT 4.0

From: "Brentlinger, Mike (ISS eServices)" <mbrentli () ISS NET>
Date: Wed, 31 Jan 2001 16:55:44 -0500

Yes....
WCI suposedly does this http://www.phenoelit.de/arpoc/index.html or you
could use any or the various tools that are for linux on a trinux
http://trinux.sourceforge.net/ distribution. I personally run trinux with
vmware http://www.vmware.com/ so that I can use my windows 2k laptop and
trinux at the same time.

best of luck.

Mike Brentlinger



-----Original Message-----
From: Fabio Pietrosanti
To: PEN-TEST () SECURITYFOCUS COM
Sent: 1/31/01 6:41 AM
Subject: Arp Spoofing under WinNT 4.0

Hi,

I'm doing a pen test, and i got access to an NT server on which i would
like to place a sniffer.

I've tried buttsniff and then Dsniff using WinPcap, but i notice that
they
are on a switched network, so i  have two solutions:

1) Flood the switch of random mac address so his table will'be filled
and
   the switch will operate in bride mode
2) do arp spoofing so i could intercept all packet destinated to the
host
   of which traffic i need to sniff.

On unix there are many tools, but on WinNT 4.0 with WinPcap there are
some
tools for "arp spoofing" ?

Thanks a lot


Best Regards

naif
naif () sikurezza org

By Date By Thread

Current thread:

[PEN-TEST] Arp Spoofing under WinNT 4.0 Fabio Pietrosanti (Jan 31)
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Jose Nazario (Jan 31)
  - Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 m (Jan 31)
  - Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Shoten (Jan 31)
- <Possible follow-ups>
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Brentlinger, Mike (ISS eServices) (Jan 31)