Re: switched n/w

[easternerd <easternerd () gmx net>]

Hi All,

I am just wondering how come no one ever mentioned Port - Spanning :)
This is a well known technique used to direct the traffic of a series of 
ports in a switch to one particular port.
So administrators can sniff on it. Well i know this has nothing to do 
with your situation as you yourself seem
to be the administrator of the network

Just thought i would chip in with this as its a very well know technique 
in a switching environment.
You can take a look at this page for info on network taps 
http://www.securityfocus.com/infocus/1594

Email Correspondence:
easternerd () securityrisk org
easternerd () gmx net
Websites:
http://securityrisk.org
http//cryptography.tk

q q wrote:

> http://www.oxid.it/projects.html
>
> has two utilities that youo may find useful:
>
> > From the site:
> "sTerm is a Telnet client with a unique feature. It can establish an
> entire bi-directional Telnet session to a target host never sending
> your real IP and MAC addresses in any packet. By using "ARP
> Poisoning", "MAC Spoofing" and "IP Spoofing" techniques sTerm can
> effectively bypass ACLs, Firewall rules and IP restrictions on servers
> and network devices. the connection will be done impersonating a
> Trusted Host."
>
> and 
>
> "ArpWorks is an utility for sending customized 'ARP announce' packets
> over the network. All ARP parameters, including the Ethernet Source
> MAC address (the phisical address of your network card) can be changed
> as you like. Other features are: IP to MAC resolver, subnet MAC
> discovery, host isolation, packets redirection, general IP confict."
>
> ---
> Computing tutorials and general geekiness at http://www.puremango.co.uk
>
>
>