From: Thor (Hammer of God) (thor@hammerofgod.com)
Date: Sun Dec 04 2005 - 14:43:12 EST
Right--- agreed on all points-- I should have reworded "in the first place"
using L2 and L3 distinction as you did. I was just pointing out that the
solution all depends on what device we're working with and what the end to
the mean is. Kind of hard to do when all the OP gives us is "I want to Ping
a MAC address ;)
Oh, and the units are pretty cool- those old Axis cameras. There was an
access point that allowed you to do the same thing (config with arbitrary IP
via ARP) but I don't have it anymore. I'll try it on some of my LinkSys and
NetGear boxes and see if they let me do that as well. Ya never know unless
you try ;)
t
----- Original Message -----
From: "Cedric Blancher" <blancher@cartel-securite.fr>
To: "Thor (Hammer of God)" <thor@hammerofgod.com>
Cc: "Roni Bachar" <roni@avnet.co.il>; <pen-test@securityfocus.com>
Sent: Sunday, December 04, 2005 11:31 AM
Subject: Re: Ping a mac address
Le dimanche 04 décembre 2005 à 10:39 -0800, Thor (Hammer of God) a
écrit :
> All packets are not automatically dropped if the IP doesn't match the
> bound IP -- -- that's what the MAC is for in the first place.
At least they should, unless the device is a router, in what case
packets get routed.
I don't get your point about the MAC address being for "in the first
place"... MAC addresses are for ensure L2 connectivity. L3 is only
relying on L3 addressing, i.e. IP, whatever L2 you're using. If you use
the wrong IP address, then the device has wether to drop or route the
packet. Period.
Speaking of unicast IP addresses, of course...
> For instance, I have a few IP cameras around my infrastructure... If
> I add a static ARP entry for the MAC to some arbitrary IP (that's still on
> my subnet) I can use that arbitrary IP to access the unit's HTTP
> configuration... works just fine.
You're lucky to be facing theses non RFC compliant devices :)))
-- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread! ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:14 EDT