thr3ads.net - Xen users - [Xen-users] ARP-Spoofing + Xen Network script ??? [Oct 2009]

If this information is useful, please help other people find it:
Share via:

Patrick Straub

2009-Oct-20 16:50 UTC

[Xen-users] ARP-Spoofing + Xen Network script ???

Hi xenusers,

is it possible to do a ARP-Spoof from a VM lets say DomU1 and the Dom0 ?
I''m currently using Xen in routed-mode which means that every DomU has
its own ip-address and packets will be forwarded on the Dom0.

I''ve tested a simple ARP-Spoof within my DomU. I''ve tried to
tell the
Dom0 that I''m now the gateway to forward the traffic on. So I did the
following command:
	arpspoof -t "dom0-ip" "gw-ip"

But there was no effect?

Does anybody know why this is so? It seems that Dom0 is not accepting
any ARP-Pakets from the Userdomains but why and how?

Thx for any answer on this.

greetings
Patrick


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Nathan Eisenberg

2009-Oct-21 03:35 UTC

head link

RE: [Xen-users] ARP-Spoofing + Xen Network script ???

> -----Original Message-----
> From: xen-users-bounces@lists.xensource.com [mailto:xen-users-
> bounces@lists.xensource.com] On Behalf Of Patrick Straub
> Sent: Tuesday, October 20, 2009 9:50 AM
> To: xen-users@lists.xensource.com
> Subject: [Xen-users] ARP-Spoofing + Xen Network script ???
> 
> Hi xenusers,
> 
> is it possible to do a ARP-Spoof from a VM lets say DomU1 and the Dom0
> ?
> I''m currently using Xen in routed-mode which means that every DomU
has
> its own ip-address and packets will be forwarded on the Dom0.
> 
> I''ve tested a simple ARP-Spoof within my DomU. I''ve tried
to tell the
> Dom0 that I''m now the gateway to forward the traffic on. So I did
the
> following command:
> 	arpspoof -t "dom0-ip" "gw-ip"
> 
> But there was no effect?
> 
> Does anybody know why this is so? It seems that Dom0 is not accepting
> any ARP-Pakets from the Userdomains but why and how?
> 
> Thx for any answer on this.
> 
> greetings
> Patrick
I''d guess that your dom0 isn''t arping for the gateway to the
vif, but without more information, it''s impossible to say.

If your Dom0''s eth0 is 1.1.1.2/24, and your vif0 is 1.1.2.1/24, your
dom0 isn''t going to send an ARP for 1.1.1.1 on vif0 - that
doesn''t make sense to the routing table.

Best Regards,
Nathan Eisenberg


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Xen users - Oct 2009 - ARP-Spoofing + Xen Network script ???

[Xen-users] ARP-Spoofing + Xen Network script ???

RE: [Xen-users] ARP-Spoofing + Xen Network script ???