So far you have been less than helpful in answering the questions people
have asked.
E B wrote:
> I downloaded windump. I started it in the command prompt but nothing is
> happening because it is trying to capture from the generic dialup
> adapter instead of my wireless card, i tried windump /? and windump help
> but that doesnt give me anything. I dont know how to switch adapters and
> i dont know how to save the dump to a text file either.
windump -D
pick the interface you want, then
windump -i the-interface-number
> Recently, I went online and it was very slow, I noticed a host computer
> online that had an obviously spoofed MAC, so I am pretty sure there is
> something fishy going on.
> Shortly after I noticed the spoofed MAC, I got a pop-up from my PC
> firewall that said the LSA Shell (Export version) was trying to act as a
> server.
Where is the example capture file? The raw LLC capture, not some
butchered file with all the important information removed.
How do you know a MAC is spoofed? It is common, if not standard,
practice to use locally administered addresses wth LLC.
--
There's no point in being grown up if you can't be childish sometimes.
-- Dr. Who
