In both cases, I turned on ip forwarding before doing any spoofing.


echo 1 > /proc/sys/net/ipv4/ip_forwarding
(There may be a typo, as I don't have access to a Linux box at the moment. :( )

Definitely look for Audit and Risk departments in firms. They'll have you evaluating systems, looking for any holes that could present ...well, risks. That could include pentesting, depending on...

I have been experimenting with the dsniff suite on my own home network, and it's frighteningly easy to use.


arpspoof -t victim gateway
arpspoof -t gateway victim

works flawlessly, along...

I don't have my laptop with me and I'm nowhere near that network, so I'll try to answer as best as I can, then try to update later with more detailed information. I'm using Backtrack2, so the...

I have run some (clientless) WEP cracking successfully on my own home network. As I'm situated out in the woods and don't have many devices, it's fairly close to a clean-room for running aircrack. ...

Ok. I think I kinda/sorta get it. It'll probably make more sense as I get used to wifi.

Thanks! :D

Ok, so using it means that I'm able to use my own MAC address in the later aireplay attacks, whereas if I didn't, the packets generated would simply be ignored by the AP?

@map777
Actually, I got...

I've been running through the clientless attack on my home network as shown by offensive-security's flash video, and I understand why we're taking each step except for one. Why do we fake auth? ...

Perhaps I should have been a little more specific. :) I'm not new to Linux. I have a Gentoo desktop and laptop, as well as a Debian file-server. What I am new to is the whole security scene. I...

Hi all, new here!

I messed with the first BT and seeded the second one for a time after installing it on my laptop, but... I hardly know how to use it! I've studied what I can on the aircrack...