Results 1 to 2 of 2

Thread: ethercap question about gre tunnel

  1. #1
    linuxbeast
    Guest

    Question ethercap question about gre tunnel

    From the wikipedia

    http://en.wikipedia.org/wiki/Ettercap_%28computing%29

    It says

    Remote traffic through a GRE tunnel: the sniffing of remote traffic through a GRE tunnel from a remote Cisco router, and perform a man-in-the-middle attack on it.
    Does anyone know about this? Does it work over a lan only or does it work over the internet?

  2. #2
    Member elazar's Avatar
    Join Date
    Sep 2007
    Posts
    217

    Default

    GRE is an encapsulation protocol, much like ESP in IPSEC, just without the security. GRE is commonly used in Microsoft PPTP VPN implementations(which is not just RRAS, most appliances/devices implement it to, i.e. Cisco routers), which uses MPPE for encryption. I have not tested Ettercap with GRE traffic, however, I am assuming that it removes the encapsulation, but you would still need to deal with the encryption. A good start would be Muts's article on attacking Cisco routers using SNMP and GRE, http://www.securityfocus.com/infocus/1847.
    dd if=/dev/urandom of=/mybrain

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •