cokacola Posted January 21, 2009 Share Posted January 21, 2009 Hi! I just tried doing a man in the middle attack at work using tools shown in 1x03 ep and connected on the wired lan .. works gr8. Was wondering if i can do the same connected through wireless. Quote Link to comment Share on other sites More sharing options...
stingwray Posted January 21, 2009 Share Posted January 21, 2009 If its ARP cache poisoning, then yes. Its not physical layer dependent, with wireless though, if you have a card that will catch all the packets and you know the encryption key (if there is one) then you can just read the packets without needing to do any poisoning. Quote Link to comment Share on other sites More sharing options...
WhollyMindless Posted January 21, 2009 Share Posted January 21, 2009 Fear the pineapple. You might want to watch some of the newer shows. Quote Link to comment Share on other sites More sharing options...
PC646 Posted March 5, 2009 Share Posted March 5, 2009 Can APR Poisoning be detected? or tracked later? Quote Link to comment Share on other sites More sharing options...
dr0p Posted March 5, 2009 Share Posted March 5, 2009 Can APR Poisoning be detected? or tracked later? Yes, it can. There are tools that monitor the amount of ARP requests / responses and report if there are too many. Quote Link to comment Share on other sites More sharing options...
PC646 Posted March 5, 2009 Share Posted March 5, 2009 Yes, it can. There are tools that monitor the amount of ARP requests / responses and report if there are too many. But how common is that and Cain/Abel allows for random fake MAC addresses to limit pointing the finger at you. Quote Link to comment Share on other sites More sharing options...
dr0p Posted March 5, 2009 Share Posted March 5, 2009 But how common is that and Cain/Abel allows for random fake MAC addresses to limit pointing the finger at you. Medium to large companies usually have IDS (Intrusion Detection Systems) on their networks which detect this and many other network threats in real time. Other than that, not many networks have anything like that running. Quote Link to comment Share on other sites More sharing options...
vector Posted March 5, 2009 Share Posted March 5, 2009 If its ARP cache poisoning, then yes. Its not physical layer dependent, with wireless though, if you have a card that will catch all the packets and you know the encryption key (if there is one) then you can just read the packets without needing to do any poisoning. any wireless card will work. Quote Link to comment Share on other sites More sharing options...
Sparda Posted March 5, 2009 Share Posted March 5, 2009 Allot of software firewalls (other than the built in Windows firewall) can detect the attack and prevent it from working. Quote Link to comment Share on other sites More sharing options...
post_break Posted March 5, 2009 Share Posted March 5, 2009 I wouldn't try to do arp poisoning at work if you're not working in IT. I take that back, I wouldn't do it period. That type of stuff can come back and bite you in the ass. Source fire will definitely know what's up depending on what your company does. Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted March 5, 2009 Share Posted March 5, 2009 Not to mention you risk breaking the entire network. Quote Link to comment Share on other sites More sharing options...
vector Posted March 5, 2009 Share Posted March 5, 2009 what you do is drive up in the parking lot on your day off and then arp spoof all you want. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.