EvilZone

Thank you very much i realy looking forword to read your network ideas, they are very criative .
I read abaut NTP in google (rfc,wikipedia,forums) and i didnt found a place that talks abaut how often NTP request are sent
so i start resarch on my computer and i found out that it is (in my computers at work and probevly most computers)not set by default , wich mean that it is a possible solution but i can use it only in cartain cases
]anyhow , its an extremly good creative idea that can "handle" a wide range of security checks that using time (like kerberos)
abaut the arp , did you ment to do arp poissoning without ip forwording (and by this making an dos attack )?
I do not care if the solution will bee throgh DHCP or other protrcol ,the only thing its, i need it fully automatic , so regardles to what victim do , his computer will ask for new ip
not somthing that rely on it that victim shuld do restart or something like this (like make router shutdown, dos attack etc. ) 

edit:
i traied the ntp spoof attack , its not work , even when i change the time on the victim , he does not ask for a new ip , maybe he check the time with some timer or something alse ...

hi
i do dhcp starvation + dhcp rouge attack , but i have a problem wih already conected clients (sometime the leas can be for a few days...)

i try to make already connected clients to resend discovery request (befor the leas due) so i can cach them with my rouge dhcp server
i tried so far:
1 replay with NAK on INFORM -> didnt work
2 replay with ACK with a different leas inside onINFORM -> didnt work
3 send RELEASE on the name of the victim and than start starvation and get his ip
sending garp to aaunce on the dupicate in a loop -> didnt work
4 make attacker with static ip that duplicate with the ip of my victim -> didnt work


i realy need help on this , no matter how the only rule is that i dont have phisical access to cable or to router