Yeah, you know the deal. Another network-based attack! This time, a LAND-attack (Local Area Network Denial – attack). I know the first thing that comes to your mind is: “LAME. With a MITM (Man-in-the-Middle), you can at least steal data, with this you simply DoS someone…” Not so fast.
More+Here comes another example on how nokitel can be used for penetration testing. Ever heard about a CAM-Table-Overflow? Though so. It’s not a very common exploitation method. This is a short description quoted from hakipedia,com: “A switch’s CAM table contains network information such as MAC addresses available on physical switch ports and associated VLAN parameters. [...]“
More+Well, we’ve realized we haven’t mentioned what requirements that is required for you to use the nokitel library or the spoon executable. So here comes a list: WinPCAP – http://www.winpcap.org/ .NET Framework 3.5 (or above) – http://download.microsoft.com/ Microsoft Windows XP (or above, however Microsoft Windows 2000 might work as well.) Well, that’s about it.
More+Well well, our first example on how the nokitel library can used. It’s a slimmed down, “fast”, SYN-stealth portscanner. The source code is fully commented, and I hope you get a grip of the fundamental functionality.
More+As some of you might already know, me and Fredrik have been working on a low-level network library for the .Net framework. Its name is nokitel and this post will cover the features of the library since the documentation is not finished yet.
More+