Britt Priddy (PZGN) wrote:
Ok - to clear the confusion - this is done by spoofing and placing
yourself on that local segment - and you can obtain any MAC address you
are able to connect to - note I pulled the MAC of the IP of the guy that
asked me to look at it - this was done by sitting on his network with a
spoofed packet to his game server and did an ARP Request. I'll just
tell you its very possible and its done everyday - I do not feel its my
place to tell someone how to 'hack' and/or spoof to gain access to a
segment of a network to listen to the broadcasted traffic.
You didn't answer my question! I was the guy asked you for the MAC of
141.84.69.34, and the MAC you gave me is definitly wrong!
Read it again:
As for your machine - I see SSH running that's pretty much it as far
as anything I can connect to to establish an open connection. IP
141.84.69.34 = MAC = 00:09:b7:27:84:a0 Almost 99% UDP traffic is seen
Look for yourself:
bigbadaboom:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:00:CB:56:56:CC
inet addr:10.150.127.30 Bcast:10.150.127.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:121311890 errors:1 dropped:0 overruns:0 frame:0
TX packets:99285661 errors:60 dropped:0 overruns:0 carrier:60
collisions:0 txqueuelen:100
RX bytes:2021109323 (1.8 GiB) TX bytes:1738254273 (1.6 GiB)
Interrupt:10 Base address:0xc00
eth0:0 Link encap:Ethernet HWaddr 00:00:CB:56:56:CC
inet addr:141.84.69.34 Bcast:141.84.69.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xc00
As you can see is the HWaddr=MAC not the same you specified. The 99% UDP
traffic is easy to guess, if you scan the machine for services and found
a few CS servers running. This can be provided with nmap or similiar
port scanners.
Please explain why you told us a wrong MAC if this is foolproof? I can
give you another example: 141.84.69.28, tell me the MAC of that machine.
If you cannot give me the MAC of my machine, how will you than spoof my
MAC at all? Or even sniff the traffic itself?
You must give more evidence and argument to strenghten your position. If
you are right, you should bring any proof with it.
cheers
Frank
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux
