:08 PM
To: [EMAIL PROTECTED]
Subject: RE: Sniffing my broadband connection to my ISP ??? [7:30689]
At 04:37 PM 1/2/02, Jim Brown wrote:
Priscilla,
Wouldn't proxy ARP generate an ARP request and an ARP reply if the
source and target networks were directly connected to the router?
No. Proxy ARP
, January 02, 2002 5:08 PM
To: [EMAIL PROTECTED]
Subject: RE: Sniffing my broadband connection to my ISP ??? [7:30689]
At 04:37 PM 1/2/02, Jim Brown wrote:
Priscilla,
Wouldn't proxy ARP generate an ARP request and an ARP reply if the
source and target networks were directly connected
i guess I got them mixed up. Now I can't remember the tool that uses ICMP
redirects to do the same thing. I thought the other one did the arp
spoofing. I'll try and find it as it's more clever.
Priscilla Oppenheimer wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
I read up on
Thanx for all the posts.
Didn't see the posts yesterday so could'nt take part.
The Server may have been throwing a wobbly.
Yes, I'm on cable (Surfboard 4100).
Just getting my head around not being alone and
sharing the broadcast domain.
My setup is PC-Hub wrote:
I read up on it. It appears to
Hi Group,
I have been sniffing my broadband connection to
my ISP today and have a few questions.
My main gripe is that I'm being sent around 100
Arp requests per minute, which obviously I cannot
resolve. These ARP requests are all originating from
my default G/W at the ISP trying to
Cable modem is a shared medium and you do not have the bandwidth on your
segment to yourself. You could compare it to ethernet for practical
purposes.
The k1d
Phil Barker wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi Group,
I have been sniffing my broadband
It sounds like you are sharing the broadcast domain with a bunch of other
stations. The network is bridging on the edge. I think this is normal for
cable modem systems. Is that what you are on?
Priscilla
At 12:23 PM 1/2/02, Phil Barker wrote:
Hi Group,
I have been sniffing my broadband
Hi,
Just to expand on this...
The 224.0.0.1 multicast query you're seeing is coming
from the cable modem I bet. I have a Surfboard 3100
cable modem and it sends out IGMP queries on 224.0.0.1
frequently. I'm not sure why the cable modem is doing
multicast and haven't really looked into it. I
Having proxy ARP enabled on the router would cause the router to send ARP
replies not requests.
The fact that he sees ARP requests isn't surprising. He's on a shared
network. On a shared network you see all the ARP requests from your local
router to devices on your network.
Priscilla
At
Erick, you are seeing 224.0.0.1 Multicast Queries because 224.0.0.1 is
reserved for all systems on segment. This is the IP that the IGMP queries
are going out to allowing the Router to determine if it needs to request
upstream for any Multicast Streams. It is pretty common to see that..
Mike
]
Subject: Re: Sniffing my broadband connection to my ISP ??? [7:30689]
Having proxy ARP enabled on the router would cause the router to send ARP
replies not requests.
The fact that he sees ARP requests isn't surprising. He's on a shared
network. On a shared network you see all the ARP requests from
As everyone else has said, this is normal for a shared access netowrk. Look
for routing protocol updates and other things as well . On ATT's
cable-modem network you can see the ospf hello updates, who the DR and BDR
is and other things. It can be fun. Try dsniff or some other program and
you
connection to my ISP ??? [7:30689]
Having proxy ARP enabled on the router would cause the router to send ARP
replies not requests.
The fact that he sees ARP requests isn't surprising. He's on a shared
network. On a shared network you see all the ARP requests from your local
router to devices
At 06:42 PM 1/2/02, Steven A. Ridder wrote:
As everyone else has said, this is normal for a shared access netowrk. Look
for routing protocol updates and other things as well . On ATT's
cable-modem network you can see the ospf hello updates, who the DR and BDR
is and other things.
Yep, that's
Dsniff uses icmp default gateway redirects (the ICMP message that tells
hosts that a differnt router has a better path to the destination network).
This will automatically make the user's PC redirect all traffic to your PC
dynamically (the client never knows about it), because he thinks you are a
I read up on it. It appears to have been developed for beneficial purposes
but is also a hacker tool. The written material says its a set of tools
actually The relevant one uses ARP, not ICMP. (There was no mention of ICMP
being used.) It sends an ARP reply for the IP address of the default
16 matches
Mail list logo