Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Properly Arp Cache Poisoning
From: Chris Brenton <cbrenton () chrisbrenton org>
Date: Mon, 04 Jan 2010 05:45:07 -0500

On Wed, 2009-12-30 at 14:50 -0200, Leandro Quibem Magnabosco wrote:

Recently I attempted an Arp Cache Poisoning to sniff over switched 
The problem is that it works against my home computer but not against my 
When I try to sniff my laptop, it get DoS'ed.
Sniffing my Desktop it all goes smoothly.

What do you mean by "DoS'ed"? Does the OS become unresponsive? Does the
OS report an IP conflict? If you check the interface, is it still using
the correct IP address? What OS/version is on each system?

I've noticed Vista and later will sometimes shutdown if it detects
another system advertising the IP address it is using (like during an
ARP cache poisoning attack). This is your most likely root cause, but
additional clarification as to what happens to the laptop would be


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]