Ethereal-users: Re: [Ethereal-users] Spoofed packets...

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Guy Harris <guy@xxxxxxxxxx>
Date: Mon, 10 Sep 2001 14:35:29 -0700 (PDT)
> It is quite easy to put a packet out with the wrong 
> IP information.  With a bit more access to the Ethernet
> driver, it is quite easy to put an arbitrary hardware
> source address.

...and, on some platforms, the only access you need is that offered by
the same raw packet I/O mechanism that tcpdump and Ethereal and the like
use to capture packets - said mechanism often also supports *sending*
raw packets, and, depending on the hardware and driver, may simply put
the raw link-layer packet on the wire, with the header supplied by the
program, complete with, on LANs, the MAC addresses from that header.

That works on Solaris 2.6, for example.