RE: Sniffing my broadband connection to my ISP ??? [7:30689]

:08 PM To: [EMAIL PROTECTED] Subject: RE: Sniffing my broadband connection to my ISP ??? [7:30689] At 04:37 PM 1/2/02, Jim Brown wrote: Priscilla, Wouldn't proxy ARP generate an ARP request and an ARP reply if the source and target networks were directly connected to the router? No. Proxy ARP

RE: Sniffing my broadband connection to my ISP ??? [7:30689]

, January 02, 2002 5:08 PM To: [EMAIL PROTECTED] Subject: RE: Sniffing my broadband connection to my ISP ??? [7:30689] At 04:37 PM 1/2/02, Jim Brown wrote: Priscilla, Wouldn't proxy ARP generate an ARP request and an ARP reply if the source and target networks were directly connected

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

i guess I got them mixed up. Now I can't remember the tool that uses ICMP redirects to do the same thing. I thought the other one did the arp spoofing. I'll try and find it as it's more clever. Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I read up on

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

Thanx for all the posts. Didn't see the posts yesterday so could'nt take part. The Server may have been throwing a wobbly. Yes, I'm on cable (Surfboard 4100). Just getting my head around not being alone and sharing the broadcast domain. My setup is PC-Hub wrote: I read up on it. It appears to

Sniffing my broadband connection to my ISP ??? [7:30689]

Hi Group, I have been sniffing my broadband connection to my ISP today and have a few questions. My main gripe is that I'm being sent around 100 Arp requests per minute, which obviously I cannot resolve. These ARP requests are all originating from my default G/W at the ISP trying to

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

Cable modem is a shared medium and you do not have the bandwidth on your segment to yourself. You could compare it to ethernet for practical purposes. The k1d Phil Barker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Group, I have been sniffing my broadband

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

It sounds like you are sharing the broadcast domain with a bunch of other stations. The network is bridging on the edge. I think this is normal for cable modem systems. Is that what you are on? Priscilla At 12:23 PM 1/2/02, Phil Barker wrote: Hi Group, I have been sniffing my broadband

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

Hi, Just to expand on this... The 224.0.0.1 multicast query you're seeing is coming from the cable modem I bet. I have a Surfboard 3100 cable modem and it sends out IGMP queries on 224.0.0.1 frequently. I'm not sure why the cable modem is doing multicast and haven't really looked into it. I

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

Having proxy ARP enabled on the router would cause the router to send ARP replies not requests. The fact that he sees ARP requests isn't surprising. He's on a shared network. On a shared network you see all the ARP requests from your local router to devices on your network. Priscilla At

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

Erick, you are seeing 224.0.0.1 Multicast Queries because 224.0.0.1 is reserved for all systems on segment. This is the IP that the IGMP queries are going out to allowing the Router to determine if it needs to request upstream for any Multicast Streams. It is pretty common to see that.. Mike

RE: Sniffing my broadband connection to my ISP ??? [7:30689]

] Subject: Re: Sniffing my broadband connection to my ISP ??? [7:30689] Having proxy ARP enabled on the router would cause the router to send ARP replies not requests. The fact that he sees ARP requests isn't surprising. He's on a shared network. On a shared network you see all the ARP requests from

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

As everyone else has said, this is normal for a shared access netowrk. Look for routing protocol updates and other things as well . On ATT's cable-modem network you can see the ospf hello updates, who the DR and BDR is and other things. It can be fun. Try dsniff or some other program and you

RE: Sniffing my broadband connection to my ISP ??? [7:30689]

connection to my ISP ??? [7:30689] Having proxy ARP enabled on the router would cause the router to send ARP replies not requests. The fact that he sees ARP requests isn't surprising. He's on a shared network. On a shared network you see all the ARP requests from your local router to devices

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

At 06:42 PM 1/2/02, Steven A. Ridder wrote: As everyone else has said, this is normal for a shared access netowrk. Look for routing protocol updates and other things as well . On ATT's cable-modem network you can see the ospf hello updates, who the DR and BDR is and other things. Yep, that's

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

Dsniff uses icmp default gateway redirects (the ICMP message that tells hosts that a differnt router has a better path to the destination network). This will automatically make the user's PC redirect all traffic to your PC dynamically (the client never knows about it), because he thinks you are a

Re: Sniffing my broadband connection to my ISP ??? [7:30689]

I read up on it. It appears to have been developed for beneficial purposes but is also a hacker tool. The written material says its a set of tools actually The relevant one uses ARP, not ICMP. (There was no mention of ICMP being used.) It sends an ARP reply for the IP address of the default