300 Chapter 12 ■ Session Hijacking
- Awesome! Now you have ARP-poisoned both victim machines, and your attack machine
is in the middle of the traffic flow. Take a look at that ping traffic, and see what the status
of the ping is now that it’s being redirected. - So it looks like your ping is no longer working, and in this scenario, that’s actually
a good thing. What this confirms for you is that all traffic between the two victim
machines is in fact being directed through your machine first. You must now enable
IP forwarding on your Backtrack client to allow the ICMP packet to flow through you.
(Although you could have completed this step before the exercise, keeping IP forward-
ing off initially allows you to confirm that you are receiving the ping traffic.) The com-
mand you will use is echo 1 > /proc/sys/net/ipv4/ip_forward.
E XE RC I S E 12 .1 (continued)