I'm experimenting with a spoofed IP connection, as described in section 7 of this article (IP SPOOFING with BSD RAW SOCKETS INTERFACE ). Indeed, when a SYN is sent with no regard for ARP, there's no response. One of the two solutions presented in the article (should be the simpler) is to add a static ARP entry to the client host. My host is configured as 10.1.1.10 and I want the spoofed IP address to be 10.1.1.20.
To add the new entry, I ran:
# arp -i enp4s2 -Ds 10.1.1.20 enp4s2 pub
and when I run
arp -n, it shows:
10.1.1.20 * * MP enp4s2
From the server, I tried to arping 10.1.1.20 and there is no reply from the client host (with the published ARP entry).
Probably I didn't understand how ARP publishing works. Literature on the net seems to be very simplified on this matter.
My distro is an OpenSuSE and the kernel version is 3.16.7-21-desktop #1 SMP PREEMPT.
Asked by user666412
(187 rep)
May 8, 2015, 09:51 PM
Last activity: Sep 17, 2019, 05:05 PM
Last activity: Sep 17, 2019, 05:05 PM