Re: man-in-the-middle

To: debian-firewall@lists.debian.org
Subject: Re: man-in-the-middle
From: eduardgv <eduardgv@gmail.com>
Date: Thu, 7 Oct 2004 13:44:39 +0200
Message-id: <[🔎] 66c3877d04100704445473d7fc@mail.gmail.com>
Reply-to: eduardgv <eduardgv@gmail.com>
In-reply-to: <[🔎] 200410071221.11549.hansdp@newingtoncs.co.za>
References: <[🔎] 200410071221.11549.hansdp@newingtoncs.co.za>

> 
> A (win)  -----------------------  B (lin) ------------------------  C (win)
> 
> 
> B has two interfaces, and I have no access to  A or C - can't change anything
> on them.  Let's say the IPs are:
> A = 60.60.60.60
> B = 70.70.70.1 and 70.70.70.2
> C = 80.80.80.80
> 

If A and C belong to different subnets (60.0.0.0 and 80.0.0.0) they
need a router among them (they can't see each other). If A and C can
see each other directly, means that they belong to the same subnet. If
this is the case, in order to force both stations to communicate
through a third element (B), I'd use some kind of arpspoofing.

Let A be 60.60.60.60, B (only one if) 60.60.60.61 and C 60.60.60.62.
With B arpspoofing:

1-when A tries to send a packet to C, sends an ARP Request: What is
the hw address of 60.60.60.62?
2-B responds with ARP Response: The hw address you requested is
xx:xx:xx:xx:xx:xx (B's mac address)
3-Packets from A to C arrive at B, whrere they can be treated and
finally relayed to C


Edu

Reply to:

References:
- man-in-the-middle
  - From: Hans du Plooy <hansdp@newingtoncs.co.za>

Prev by Date: Re: man-in-the-middle
Next by Date: Re: man-in-the-middle
Previous by thread: Re: man-in-the-middle
Next by thread: Re: man-in-the-middle
Index(es):
- Date
- Thread