Go Back   nV News Forums > Linux Support Forums > General Linux

Newegg Daily Deals

Reply
 
Thread Tools
Old 06-09-05, 01:59 AM   #1
Son Goku
Registered User
 
Son Goku's Avatar
 
Join Date: Feb 2003
Location: 439 East District, Mount Paozu
Posts: 1,714
Default Probably a kamel related question...

Well, if anyone else is familiar with network security and Ettercat, feel free to chime in

I had a network security class earlier (actually yesterday now) evening. Anyhow, lets say the class has been having a little fun using this On Monday, and then again today someone did some ARP poisoning I gather, which crashed the network. Tuesday morning, the first class, well, they probably had to bring it up again Anyhow, not everyone in the class had their hard drives, so they were ghosting the image over, so everyone could do today's assignment.

While waiting, the class was having fun hacking each other... One person for instance got my IP and used my box as a relay for their own attack, which I caught onto, and added their IP to my

/etc/hosts.deny

file... After which, I loaded up port sentry, and then turned around, and started fingering their box and stuff in return, and then gave them a DoS attack (the same one that grabbed my IP) from, well I directed it from a "fake host" which was the broadcast address (lest they then try to black list that), upon the attacking host

Some people in the back row, were doing it to each other too... Oh, and don't worry, this is a private, non-routable address space (wrt the Internet), and things are pretty well isolated so, well most things wouldn't propogate beyond the room. It's there for peeps to learn networking, which in our case is learn network security...

About this ARP poisioning though. I notice in the Ettercat interface there is an "un-poisoning" option. Which makes me wonder. Could a person set up one box, so that after someone else (a different computer, either that really is on the network, or is posing as if it should be) poison's the ARP tables in the switch, from this one box one could "un-poison" their own network without having to go back and physically reset the switch?

Of course re-setting the switch can work in a class room (where the equipment is right there), but I could imagine in a corporate network, where different segments of the network can be located where-ever, it could be a bit of a pain...especially where the switch is physically somewhere else...

Perhaps I could get someone to crash the network again (as someone in our class seems to take great delight in ) and then try to re-fix it without rebooting the switch and all, but I'm wondering if it's even possible or worth the time to try?
Son Goku is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
Dragon Age Origins question Cylphid Gaming Central 3 05-30-12 07:15 PM
1st post - XP Restore question Needa916 Microsoft Windows XP And Vista 2 09-12-02 05:24 PM
Newby question about nforce.... superconti NVIDIA Linux 2 09-07-02 11:46 PM
Dual boot question.. Tactics General Hardware 15 09-07-02 10:39 AM
Quick question about Digital din with the Audigy Tactics General Hardware 4 08-12-02 12:16 AM

All times are GMT -5. The time now is 09:26 PM.


Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.