cokacola Posted January 21, 2009 Posted January 21, 2009 Hi! I just tried doing a man in the middle attack at work using tools shown in 1x03 ep and connected on the wired lan .. works gr8. Was wondering if i can do the same connected through wireless. Quote
stingwray Posted January 21, 2009 Posted January 21, 2009 If its ARP cache poisoning, then yes. Its not physical layer dependent, with wireless though, if you have a card that will catch all the packets and you know the encryption key (if there is one) then you can just read the packets without needing to do any poisoning. Quote
WhollyMindless Posted January 21, 2009 Posted January 21, 2009 Fear the pineapple. You might want to watch some of the newer shows. Quote
PC646 Posted March 5, 2009 Posted March 5, 2009 Can APR Poisoning be detected? or tracked later? Quote
dr0p Posted March 5, 2009 Posted March 5, 2009 Can APR Poisoning be detected? or tracked later? Yes, it can. There are tools that monitor the amount of ARP requests / responses and report if there are too many. Quote
PC646 Posted March 5, 2009 Posted March 5, 2009 Yes, it can. There are tools that monitor the amount of ARP requests / responses and report if there are too many. But how common is that and Cain/Abel allows for random fake MAC addresses to limit pointing the finger at you. Quote
dr0p Posted March 5, 2009 Posted March 5, 2009 But how common is that and Cain/Abel allows for random fake MAC addresses to limit pointing the finger at you. Medium to large companies usually have IDS (Intrusion Detection Systems) on their networks which detect this and many other network threats in real time. Other than that, not many networks have anything like that running. Quote
vector Posted March 5, 2009 Posted March 5, 2009 If its ARP cache poisoning, then yes. Its not physical layer dependent, with wireless though, if you have a card that will catch all the packets and you know the encryption key (if there is one) then you can just read the packets without needing to do any poisoning. any wireless card will work. Quote
Sparda Posted March 5, 2009 Posted March 5, 2009 Allot of software firewalls (other than the built in Windows firewall) can detect the attack and prevent it from working. Quote
post_break Posted March 5, 2009 Posted March 5, 2009 I wouldn't try to do arp poisoning at work if you're not working in IT. I take that back, I wouldn't do it period. That type of stuff can come back and bite you in the ass. Source fire will definitely know what's up depending on what your company does. Quote
DingleBerries Posted March 5, 2009 Posted March 5, 2009 Not to mention you risk breaking the entire network. Quote
vector Posted March 5, 2009 Posted March 5, 2009 what you do is drive up in the parking lot on your day off and then arp spoof all you want. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.