Security Basics mailing list archives
Re: ARP Poisoning
From: Matt Hemingway <matt () supplyedge com>
Date: Thu, 7 Nov 2002 09:36:26 -0800
This might help: http://www.acsac.org/1999/papers/fri-b-0830-dutta.pdf -Matt On Wednesday 06 November 2002 08:27 pm, Michael Ungar wrote:
From security books I've read it's not hard to eavesdrop on network communication using tools like dsniff, even in a switched environment. My understanding is that it is accomplished quite easily by ARP poisoning your victim in thinking your machine's MAC as the router MAC & after interception, re-forwarding the traffic back to the true router MAC. Assuming the network environment is large (e.g., configuring port switches for specific MAC addresses not practical) & desktop security cannot be guaranteed (and thereby cannot prevent people from allowing machines to IP forward), how can one defend against other than encrypting data. Thanks....Mike __________________________________________________ Do you Yahoo!? U2 on LAUNCH - Exclusive greatest hits videos http://launch.yahoo.com/u2
-- ---------- Matt Hemingway matt.hemingway () pcnalert com http://www.pcnalert.com 626-585-2788 x136 ----------
Current thread:
- ARP Poisoning Michael Ungar (Nov 07)
- Re: ARP Poisoning Matt Hemingway (Nov 08)
- Re: ARP Poisoning ATD (Nov 09)
- <Possible follow-ups>
- Re: ARP Poisoning brien mac (Nov 08)
- RE: ARP Poisoning Trevor Cushen (Nov 08)
- Re: ARP Poisoning Jeff Dickison (Nov 09)
- Re: ARP Poisoning Matt Hemingway (Nov 09)
- RE: Arp Poisoning anyluser (Nov 09)