Reply With QuoteI don't think experimenting on any production environment is a good idea.
Don't you have any extra equipment you can use to make a small test network?
I want to play around a bit with arp poisoning (using ettercap) and I wonder if it is safe to do in production network.....I want to check if I can reroute traffic from specific hosts to my workstation using ARP poisoning....but I'm afraid to screw up the traffic ......
Thanks.
I don't think experimenting on any production environment is a good idea.
Don't you have any extra equipment you can use to make a small test network?
I do, but I don't have spare switch to fully amulate production env.....
Best bet would be to wait until you've got the hardware to do it yourself. I setup another physical network within my home for the specific use of network testing. Trying something like that on a production environment without knowing how it works isn't too wise. If you can borrow a switch or something from work, that'd be great. :-)
You learn the most if it's a real world thing. Try your best not to get caught, that way if you break something you don't get blamed, and if you don't, you learned how to hide yourself.
:P
Arp poisoning will get the packets to a different box, but remember if that box is not configured for that ip it will just drop them (Unless it's promiscuous)
Are you trying to like hijack a server or just sniff?
dsniff comes with something called arpspoof which lets you trick the switch to sending you the packets, then sends the packets back to the intended host as well so you can sniff the connection.
I'm just trying to see how the whole thing works.....the basic idea is to fool switch into beleiving that server's arp is actually my workstation's thus redirecting traffic that goes to server to my workstation and then sniffing it for information......I guess that's what arp poisoning is supposed to do?
So you say dsniff is the best toll to do that?
Thanks.
Posting Permissions
Bookmarks