Security Basics mailing list archives
RE: Arp Poisoning
From: anyluser <anyluser () yahoo com>
Date: Thu, 7 Nov 2002 10:13:21 -0800 (PST)
Does anyone know whether or not a traceroute from an arp-poisoned client would expose the traffic redirection?
-----Original Message----- From: Michael Ungar [mailto:m_ungar () yahoo com] Sent: Wednesday, November 06, 2002 11.27 PM To: security-basics () securityfocus com Subject: ARP Poisoning From security books I've read it's not hard to eavesdrop on network communication using tools like dsniff, even in a switched environment. My understanding is that it is accomplished quite
easily
by ARP poisoning your victim in thinking your machine's MAC as the router MAC & after
interception,
re-forwarding the traffic back to the true router
MAC.
Assuming the network environment is large (e.g., configuring port switches for specific MAC addresses not practical) & desktop security cannot be
guaranteed
(and thereby cannot prevent people from allowing machines to IP forward), how can one defend against other than encrypting data. Thanks....Mike
__________________________________________________ Do you Yahoo!? U2 on LAUNCH - Exclusive greatest hits videos http://launch.yahoo.com/u2
Current thread:
- ARP Poisoning Michael Ungar (Nov 07)
- Re: ARP Poisoning Matt Hemingway (Nov 08)
- Re: ARP Poisoning ATD (Nov 09)
- <Possible follow-ups>
- Re: ARP Poisoning brien mac (Nov 08)
- RE: ARP Poisoning Trevor Cushen (Nov 08)
- Re: ARP Poisoning Jeff Dickison (Nov 09)
- Re: ARP Poisoning Matt Hemingway (Nov 09)
- RE: Arp Poisoning anyluser (Nov 09)