[VOIPSEC] Re: Voipsec Digest, Vol 2, Issue 33
Robert Moskowitz
rgm at icsalabs.com
Tue Mar 1 14:25:14 CST 2005
At 09:25 AM 3/1/2005, HoweThomas at aol.com wrote:
>Sorry for being dense here, but what device turns on the IP forwarding,
>and how does it do that? Is it the device that issues the phoney ARP request?
Consider Alice with MAC of A and IPaddr of 1, Bob with MAC of B and IPaddr
of 2, and Malice with MAC of C.
Malice sends an ARP Response to Alice stating that MAC C has IPaddr 2,
please update your ARP table.
Malice sends an ARP Response to Bob stating that MAC C has IPaddr 1, please
update your ARP table.
Now all IP traffic between Alice and Bob goes through Malice. This works
over any 802 LAN. Malice only has to learn Alice and Bob's MACs and
IPaddrs and those can frequently be guessed.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
E: rgm at icsalabs.com
There's no limit to what can be accomplished
if it doesn't matter who gets the credit
More information about the Voipsec
mailing list