thakurlokesh

How to bypass Virtual LAN

9 posts in this topic

I have LAN connection. There is a bandwidth allocation policy in our LAN. My LAN administrator offers three different bandwidth plans of 512 kbps, 1 mbps and 2 mbps speed, and he use mac filtering technique so that no one can access internet using others IP address to get high speed.

I have 512 kbps speed plan. My LAN admin use 2 mbps plan for his personal use. so using the tool "nmap", I got his IP and mac address, and at nights when his PC was off, I changed my IP and MAC address same as his(called spoofing), and access the internet at 2 mbps. But one day he realised that someone(i.e. me) was using his ip and mac address at nights(when his PC was off) to get high speed. So he put his ip on another port(perhaps it is called virtual LAN), Now when I change my IP and MAC, internet does not work. Is there any way to spoof port(like mac spoofing)so that I can access internet even on other port. Is there any way to send packets to other ports. my port is 8893 and his 8892, both IP were on the same port(8893) before.

Thanks

Edited by thakurlokesh
1

Share this post


Link to post
Share on other sites

I am not sure what you're asking. You're saying that when you spoof your MAC address to his, the speed doesn't increase? I don't understand what he did to stop you from MAC spoofing. There's no way to put the IP address itself on a different port.. Is he using a program like Hamachi or something now?

0

Share this post


Link to post
Share on other sites
I am not sure what you're asking. You're saying that when you spoof your MAC address to his, the speed doesn't increase? I don't understand what he did to stop you from MAC spoofing. There's no way to put the IP address itself on a different port.. Is he using a program like Hamachi or something now?

better question WTH is your lan admin hoping to acomplish by limiting bandwith on a lan?

i just hook my laptop's nic up to the ether net And tap the T1 when the office is unlocked. comes in handy when you have a truck load of stuff to DL.

Edited by Galvatron
0

Share this post


Link to post
Share on other sites

So what your saying is that previously you were using mac spoofing to get his vlan assignment instead of yours. And now he switched to another port on the switch and you can no longer connect while spoofing his address?

If this is the case it sounds like he changed the vlan assignments on the port your plugged into to not allow you to use that connection. I would look for another computer on the 2mb vlan and try that. Better idea = stop messing around because hes obviously on to you.

Do you know the make/model of his switches? What vlan software is he using?.

0

Share this post


Link to post
Share on other sites
So what your saying is that previously you were using mac spoofing to get his vlan assignment instead of yours. And now he switched to another port on the switch and you can no longer connect while spoofing his address?

If this is the case it sounds like he changed the vlan assignments on the port your plugged into to not allow you to use that connection. I would look for another computer on the 2mb vlan and try that. Better idea = stop messing around because hes obviously on to you.

Do you know the make/model of his switches? What vlan software is he using?.

No, his IP was not on vlan previously. There are about 50 users in our LAN and they all are on port 8893 including me. LAN admin has put his IP on vlan only after realising that someone is using his IP. His IP was on the same port previously i.e. on 8893.

Perhaps he use CISCO switch, but i m not so sure about it. I also dont know which software he use. He types 192.168.0.1:8892 in address bar of browser then a login page of service selection gateway appears that requires a username and password, after typing username and password he manage the LAN i.e. bandwidth, vlan etc. He use gateway service of INVENTUM. its website is: http://www.inventum.cc/

Edited by thakurlokesh
0

Share this post


Link to post
Share on other sites

Looking at the data sheet, I am not sure if this is a vlan issue. Authentication by IP/MAC is just one of the authentication options mentioned in Inventum's EAC data sheet. Username/password is an other.

If it is a VLAN thing, you might want to look at Yersinia. Sucess depends on how well your switches are maintained.

BTW:

If you're using cisco switches on the network, mac spoofing can easily be detected and the switch port can be disabled permanently. Meaning you've got to go begging to your admin who will certainly ask questions. Of course it all depends how paranoid your admin is - I haven't seen it being used frequently. Configuring cisco port securty

0

Share this post


Link to post
Share on other sites
Looking at the data sheet, I am not sure if this is a vlan issue. Authentication by IP/MAC is just one of the authentication options mentioned in Inventum's EAC data sheet. Username/password is an other.

Thanks for response,

Then why internet does not work even after changing MAC and IP, while previosly I have accessed the internet for 3-4 months using the same trick.

If it is a VLAN thing, you might want to look at Yersinia. Sucess depends on how well your switches are maintained.

Yersinia works in linux, I use windows xp. Although i have std-knoppix live cd, but It is very difficult to me to work in linux, I m not comfortable with linux, because I have been using windows since childhood. Is there any alternative of yersinia which works in windows?

BTW:

If you're using cisco switches on the network, mac spoofing can easily be detected and the switch port can be disabled permanently. Meaning you've got to go begging to your admin who will certainly ask questions. Of course it all depends how paranoid your admin is - I haven't seen it being used frequently. Configuring cisco port securty

Thanks for giving this usefull link about cisco switch

0

Share this post


Link to post
Share on other sites
Then why internet does not work even after changing MAC and IP, while previosly I have accessed the internet for 3-4 months using the same trick.

I presume he found out and changed his authentication method. Inventum's data sheet indicates that MAC/IP is meant for stupid devices that can't authenticate properly.

0

Share this post


Link to post
Share on other sites
Then why internet does not work even after changing MAC and IP, while previosly I have accessed the internet for 3-4 months using the same trick.

I presume he found out and changed his authentication method. Inventum's data sheet indicates that MAC/IP is meant for stupid devices that can't authenticate properly.

Is there no way to solve it?

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now