Home page logo

pen-test logo Penetration Testing mailing list archives

R: Re: MAC address spoofing - conflict?
From: "Massimo Baschieri" <massimo.baschieri () re-ti it>
Date: Sun, 3 Sep 2006 09:49:17 +0200

Maybe you could explain what happens to the AP's ARP cache when it had
duplicate entries then?

Maybe you are getting a little confused about ap and arp.
An AP is a L2 device and as such it doesn't need arp table in order to
perform its duties.
Arp table is there almost only because it's supposed for the AP to have an
ip address for management purposes and because the ap itself may have to
talk with external services (radius, syslog, ntp, ecc..), but if no wireless
client is accessing the management interface of the ap no client mac address
is going to appear in the arp table of the ap. 
Yes, dhcp server may (or may not) have problems with duplicate mac
addresses, but if you are forging a mac address you are not going to use
dhcp, aren't you?

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]