Home page logo

pen-test logo Penetration Testing mailing list archives

Mac spoofing using libnet
From: preceptor () hushmail com
Date: Fri, 22 Mar 2002 05:12:26 -0800

I'm currently looking at a system which seems to avoid using ARP to resolve a mac address. Instead, it's looking at the 
mac address embedded in the packet.
I was wondering, if there are any tools built around Libnet (or similar) which are able to handle a whole tcp/IP 
session. (nemesis is the sort of idea, but unfortunately the test I'm looking at is an HTTP request, which is a little 
challenging using nemesis).
Alternatively, I was looking at having two NICs with different mac addresses, duplicate IP addresses, and network 
cables such that one of the interfaces is send only.
Can anyone point me at such a tool? (or an example of libnet used to do a whole session). I'm content enough to put 
this together, but I don't really want to re-invent the wheel if it's already been done.

Ed Rolison

Hush provide the worlds most secure, easy to use online applications - which solution is right for you?
HushMail Secure Email http://www.hushmail.com/
HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/
Hush Business - security for your Business http://www.hush.com/
Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/

Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]