Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.

Every man is just in his own eyes


ghost's Avatar
0 0

[Background] I went to visit a friend at our states Technical College, and found it would be a good time to mess with some network sniffers and such. (since i never really got around to creating a simulation on my network) In about 3 hours i got so many passwords and PI that i just stopped.

[Decision] I found that i should try to fix the problem, and since i wasn't a student or a registered visitor i shouldn't say anything personally. I Logged on the myspace of the people i found and left them messages explaining the situation and that some Network Admins should be notified.

[Question] Can this attack (ARP Poisoning) be prevented Easily and would you have acted differently in this situation and why?


ranma's Avatar
Member
0 0

Sounds like a topic for an essay :p


stealth-'s Avatar
Ninja Extreme
0 0

Im not sure how easy it is to prevent this, but being myself I probably would have left it all alone. It's not really my problem, and I would be too busy being amazed about how easy it was to do that. I definately say its a bad idea to report it to the administrators, as I've heard people report problems and get sue'd over it, because their computer contained information regarding the intrusion, they technically admitted to breaking the law.


ghost's Avatar
0 0

indeed man, thats why i said nothing face to face and left it to the people who did get compromised to say something to the tech guys.


ghost's Avatar
0 0

Well as far as it being preventable, in the ARP poisoning sense, yes, all you would have to do is configure a static address…

arp -s GateWayIP  GateWayMac```

This could put a damper on someone pulling an arp mitm, but this means that everyone that connected to the network would have to configure this themselves, I doubt it would be make any difference, and there's more than one way mitm attacks are conducted, and ways they could prevented.

If it was me and i wanted to make people take notice... i would have started dns spoofing and took everyone to a my own special web page.  

ghost's Avatar
0 0

They probably can't use static IP's since it's a college network and not a personal one. He said he got 300+ passwords. I mean it's not impossible to do, but it would be a bitch, and it's not something the college is likely to do.


ghost's Avatar
0 0

I known through experience that schools are harsh on intrusions because of the confidentiality policy of there students info .


ranma's Avatar
Member
0 0

S1L3NTKn1GhT wrote: I known through experience that schools are harsh on intrusions because of the confidentiality policy of there students info .

Which is extremely messed up b/c my school system has a website and my school has one too. My school uses our last name and our student ID (which should be private) to log us in to see our grades. However, my school system website can be made to give you other people's IDs. xD