HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 40 guests and 2 members online
 
Free Business and Tech Magazines and eBooks

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Wireless arp poison
EH-Net
May 23, 2013, 08:46:37 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Wireless arp poison  (Read 4930 times)
0 Members and 1 Guest are viewing this topic.
wylde342
Newbie
*
Offline Offline

Posts: 2


View Profile
« on: May 02, 2007, 10:23:16 PM »
I've been hacking our network to figure out how someone would so I can defend against it.  We have a small company which offers consulting and I'm looking to offer some penetration testing in the future.

I'm using Back Track and am able to see our AP and rip all the packets/IV's.  I can use Cain/Abel (Win) or Ettercap (*nix*) on the wire, but when I try and sniff connected wirelessely, I get a ton of "Malformed packets."

Is there any suggested reading or sites for this?  Everything I've read on Wireless says the AP's operate at layer 2 so I *should* be able to arp poison and collect packets.  I'd like to be able to demonstrate this for potential clients to help sales - but I'll look the fool if I can't!

Any assistance would be greatly appreciated.
Logged
slimjim100
EH-Net Columnist
Sr. Member
*****
Offline Offline

Posts: 385



View Profile WWW
« Reply #1 on: May 03, 2007, 07:38:32 AM »
When sniffing with Unix or Linux there are some options you can change to prevent the malformed packets. I have seen this before where when you start you sniffing session you get a few malformed packets and this is because you have interrupted the flow of data on the network. A lot of the info you get depends on how you sniffing (mirroring or MITM). I would say check the options used for the sniff and make sure you computer can handle the routing of the packets if you plan to do a MITM scan.

Good Luck

Brian
Logged
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
wylde342
Newbie
*
Offline Offline

Posts: 2


View Profile
« Reply #2 on: May 03, 2007, 07:41:04 AM »
Gotcha.  I'm still getting the MITM thing down.  Yesterday I whipped our Internet connection..  Smiley

I guess we all learn one time.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.07 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.