[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: trusted solaris pen testing
>There are two possibilities: either find out the trusted hosts, and take
>their IP (DoS that box first) or go for the spoofing idea.
>Spoofing is hard, especially on a switched network. I currently don't
>know of any pre-written source that does this well. (I'm currently in
>the process of writing my own). So, if you would like to undertake this,
>you will probably need to write your own code.
>Remember, if spoofing an IP on a switched network you will need ARP
>spoofing in order to get the recieved packets.
Well, don't forget when spoofing arp on a switched network to enable ip forwarding on your box.
Spoofing isn't hard when you have dsniff...
Confidentiality Notice: This e-mail communication and any attachments may contain
confidential and privileged information for the use of the designated recipients named above. If
you are not the intended recipient, you are hereby notified that you have received this
communication in error and that any review, disclosure, dissemination, distribution or
copying of it or its contents is prohibited. If you have received this communication in
error, please notify me immediately by replying to this message and deleting it from your
computer. Thank you.