Jump to content


Photo
- - - - -

How to avoid the spoof detection script employed by my isp


  • This topic is locked This topic is locked
25 replies to this topic

#21 rakshit

rakshit

    Gibson Hacker

  • Members
  • 98 posts

Posted 22 June 2008 - 03:36 PM

darkstar bro... thanks for that method


but apparently .. in my case... as soon as i on the apr button ... or sniff via ettercap etc.. i get banned in TWO seconds.

#22 rakshit

rakshit

    Gibson Hacker

  • Members
  • 98 posts

Posted 22 June 2008 - 03:37 PM

But yeah ........ i have made provisions................ on changing my mac everytime.. i get banned using registry trick... as my NIC card doesnt allow changing my mac from etherchange,

#23 Spyril

Spyril

    Hakker addict

  • Members
  • 588 posts
  • Location:North Dakota

Posted 22 June 2008 - 09:18 PM

So your gateway is banning your MAC, not your ISP? You should have said that. Also, please make your posts more legible; it's really annoying having...to...read...everything...like...this.

That in mind, ARP spoofing isn't an easy thing to spot, but there is some software that tries to stop ARP spoofing If you could provide us with the models of your networking equipment, we may be able to figure out what kind of IDS they have set up. (Also if you have admin access to this equipment you could always telnet in and use the "ps" command to see what they're running)

#24 rakshit

rakshit

    Gibson Hacker

  • Members
  • 98 posts

Posted 23 June 2008 - 06:32 AM

well .. appologies... for not being legitimate .. in my post.

@spyril

Regarding My Isp' s network equipment


Initiating OS detection (try #1) against 172.16.0.1
SCRIPT ENGINE: Initiating script scanning.
Initiating SCRIPT ENGINE at 16:46
Completed SCRIPT ENGINE at 16:46, 1.33s elapsed
Host 172.16.0.1 appears to be up ... good.
Interesting ports on 172.16.0.1:
Not shown: 1711 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 3.5p1 (protocol 1.99)
|_ SSH Protocol Version 1: Server supports SSHv1
53/tcp open domain ISC BIND 9.2.1
8888/tcp open http thttpd 2.25b 29dec2003
|_ HTML title: Inventum - Service Selection Gateway
10000/tcp open http thttpd 2.25b 29dec2003
|_ HTML title: 401 Unauthorized
| HTTP Auth: HTTP Service requires authentication

|_ Auth type: Basic, realm = .
MAC Address: 00:1C:F0:94:B5:77 (D-Link)
Device type: VoIP phone
Running: WebVOIZE embedded
OS details: WebVOIZE 120 IP phone
Uptime: 3.424 days (since Fri Jun 20 06:35:53 2008)
Network Distance: 1 hop

This is a port scan of my isp router! via which i connect to access the net!
I hope this wht u asked for.......

#25 rakshit

rakshit

    Gibson Hacker

  • Members
  • 98 posts

Posted 23 June 2008 - 06:35 AM

i cant telnet......... this router caz its filtered............ , if u have any method i can access this .... pls guide!!!

#26 mirrorshades

mirrorshades

    aviatorglasses

  • Agents of the Revolution
  • 952 posts
  • Gender:Male

Posted 24 June 2008 - 10:16 AM

At this point, we've drifted off-topic and the original poster is getting harder and harder to decipher.

Thread locked.




BinRev is hosted by the great people at Lunarpages!