comment on

Sigh..all right, I've really run out of patience with you, but to end this off on a semi-helpful note I'll reply briefly. Read this, then read my post above again, think about it, read a book and maybe you'll get it.

ARP poisoning is the act of broadcasting malicious reply packets

s/is the act of broadcasting/amongst other things requires sending/;
[download]

my code does this very happily and in a very legitimate sort of way

No, it does this in the dumbest and least efficient way possible.

checked it using the tcpdump sniffer

Hint: tcpdump does not explain the whole packet to you, you won't actually see the ARP payload unless you manually inspect the packet content yourself (it shows you the Ethernet frame data, which is not necessarily the same as the ARP payload).

it does update the MAC address of the gateway

Newsflash: just because it works on your router, doesn't mean it'll work on others.

Oh, and I thought this was your network administrator's router? You know, the one who was so happy you notified him of this "vulnerability"...don't bother replying, I won't.

All dogma is stupid.

In reply to Re^4: ARP Poisoning (somewhat OT) by tirwhan
in thread ARP Poisoning by hnd

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


Keep It Simple, Stupid
	PerlMonks