On Thu, 16 Dec 2004 20:45:37 GMT, joconnor
<joconnor.1hdk0y@WiFi-Forum_dot_com> wrote:
>Ive been looking into some packet injection techniques and have read
>that the best packets to inject into a network to increase traffic is
>arp-requests.
What? Packet injection as in spoofing? Arping is a method of faking
a response as to which machine owns an IP address. It's commonly used
to create a "man in the middle" type of security nightmare. If this
is what you're planning to do, please turn yourself in to the nearest
federal anti-terrorism agency for re-education in proper use of
internet protocols.
>I have so far built up a 100Mb file of traffic and on
>filtering for arp-requests with ethereal there isnt a single
>arp-request packet.Is this typical? and can i somehow force arp-request
>by maybe forcing dis-associations on the network?
First, check if ARP decoding is enabled.
Analyze -> Enabled Protocols -> ARP
You can generate an ARP request by pinging a new IP address on your
LAN. It doesn't have to be a real device, just one that's not in the
current arp cache:
arp -a
Yep. It works. Just ping any IP non-existant address in your Class C
IP LAN block.
Frame 2 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: 00:02:b3:1e:39:ed, Dst: 00:0c:41:71:36:30
Internet Protocol, Src Addr: 192.168.1.10 (192.168.1.10), Dst Addr:
216.239.63.104 (216.239.63.104)
Transmission Control Protocol, Src Port: 1068 (1068), Dst Port: http
(80), Seq: 0, Ack: 1, Len: 0
No. Time Source Destination
Protocol Info
3 4.503801 192.168.1.10 Broadcast ARP
Who has 192.168.1.99? Tell 192.168.1.10
--
Jeff Liebermann
(E-Mail Removed)
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558
Similar Threads
Linear Mode
