Re: Ping a mac address

From: Thor (Hammer of God) (thor@hammerofgod.com)
Date: Sun Dec 04 2005 - 13:39:06 EST


That's why I was asking "why?" It depends on what he's ultimately going to
do and what the host is... All packets are not automatically dropped if the
IP doesn't match the bound IP -- that's what the MAC is for in the first
place. For instance, I have a few IP cameras around my infrastructure... If
I add a static ARP entry for the MAC to some arbitrary IP (that's still on
my subnet) I can use that arbitrary IP to access the unit's HTTP
configuration... works just fine.

t

-----
"And yet, even if one person finds his way... that means
there is a Way. Even if I personally fail to reach it."

Mr. Nobusuke Tagomi
Top Place, Ranking Imperial Trade Mission
Pacific States of America

----- Original Message -----
From: "Cedric Blancher" <blancher@cartel-securite.fr>
To: "Thor (Hammer of God)" <thor@hammerofgod.com>
Cc: "Roni Bachar" <roni@avnet.co.il>; <pen-test@securityfocus.com>
Sent: Sunday, December 04, 2005 10:18 AM
Subject: Re: Ping a mac address

Le dimanche 04 décembre 2005 à 01:58 -0800, Thor (Hammer of God) a
écrit :
> Given that, if the host *is* on the same subnet, and you want to reach
> it, it doesn't really matter what IP address is bound to the adapter--
> you can just add a static ARP entry on the local system to assign the
> MAC to whatever "in-network" IP you want, whether it's the "real" IP
> or not...

Maybe I misunderstand your point, but as you will be indeed be able to
send that host an ethernet frame knowing its MAC address, you may want
to have it processed at upper layers, if you need to coomunicate with
that host for instance. As it will drop any packet that is not destined
to its very own IP address (or one of its, if multiple), you definitly
need to know it for this kind of purpose.

-- 
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:14 EDT