Home page logo

pen-test logo Penetration Testing mailing list archives

Re: MAC address spoofing - conflict?
From: "Gavin White" <white.gavin () gmail com>
Date: Mon, 21 Aug 2006 17:11:18 +0100

On 17 Aug 2006 01:03:14 -0000, penetrationtestmail () gmail com
<penetrationtestmail () gmail com> wrote:
> I think it does matter. Because there will be more than host replying to

> ARP broadcasts and the question is what will happen.

That is the question... And if anyone knows the exact answer, that would be most helpful ;)

I've experimented with this before, with two PCs connected to the same
switch (I forget the make, it was a cheapo model), both with the same
MAC address.

The two PCs could still browse a remove website, but at a much reduced
speed. It felt like going through a slow modem. I had the feeling that
packets coming back from the web server were being randomly sent to
either PC.

Depending on the infrastructure, both you and the spoofee may still
get service, but it might be pretty slow.


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]