Frank Sweetser wrote:
Eric Martin wrote:
Have you tried to ping the loopback address? I know that a fried card won't respond to lo replies (127.0.0.1) in Windows, but I'm not sure what the behavior is in *NIX. That being said, if the loopback interface isn't up then we have our answer.
That trick won't work under any self-respecting 'nix clone. Unix based systems have a virtual interface that gets configured with 127.0.0.1/8, and doesn't care about the state of our physical adapters.
The reason that works at all under Windows is because Windows doesn't actually have a loopback interface device driver. (okay, technically there is one, but it's not installed by default.) Instead, there's some special casing in the IP stack that makes it consider 127.0.0.1 a hidden, non-removable IP alias on each regular network interface.
As a side note, if you're on the same local network as the victime, you can often leverage this gross hack to bypass Windows firewall rules by sending it packets with the correct destination MAC address and an IP address of 127.0.0.1.
Very cool hack! Thanks for the info on NIX and lo, I figured it might be different altogether but I wasn't sure. -- Eric Martin Key fingerprint = D1C4 086E DBB5 C18E 6FDA B215 6A25 7174 A941 3B9F