Tilted Forum Project Discussion Community - View Single Post

Pragma · 04-05-2004, 03:26 PM

I'd bet you actually can intercept packets, you're just behind a switch. What you'll have to do is use something like ettercap (instead of, for example, ethereal) to do ARP-spoofing in order to see other people's traffic.

The way a switch operates is to build a table of what ports have what MAC addresses attached to them, and what ARP spoofing does is to tell the switch that your port has everyone else's MAC addresses (so the switch ends up sending the traffic out several ports).

Resources - well, the first ones I'd say are the "Hacking Exposed" book series, you can find them at most bookstores (Borders, B&N, so on). Other good books are the Hacker's Challenge series - teaches you a lot about forensics.

Websites - Security Focus, PacketStorm, New Order. I'm sure there's lots of other links out there that people can give, as well as links in other threads.

I'd say to look very carefully at all published usage documentation on your campus network, and if you don't see anything that forbids poking around the network, go for it. If you get called on it, then apologize profusely, explain your position, and ask forgiveness. If you do see stuff that forbids it, I'd say to go and ask, say you're trying to learn. They might let you go for it anyways.

04-05-2004, 03:26 PM	#10 (permalink)
Pragma I am Winter Born Location: Alexandria, VA	I'd bet you actually can intercept packets, you're just behind a switch. What you'll have to do is use something like ettercap (instead of, for example, ethereal) to do ARP-spoofing in order to see other people's traffic. The way a switch operates is to build a table of what ports have what MAC addresses attached to them, and what ARP spoofing does is to tell the switch that your port has everyone else's MAC addresses (so the switch ends up sending the traffic out several ports). Resources - well, the first ones I'd say are the "Hacking Exposed" book series, you can find them at most bookstores (Borders, B&N, so on). Other good books are the Hacker's Challenge series - teaches you a lot about forensics. Websites - Security Focus, PacketStorm, New Order. I'm sure there's lots of other links out there that people can give, as well as links in other threads. I'd say to look very carefully at all published usage documentation on your campus network, and if you don't see anything that forbids poking around the network, go for it. If you get called on it, then apologize profusely, explain your position, and ask forgiveness. If you do see stuff that forbids it, I'd say to go and ask, say you're trying to learn. They might let you go for it anyways.