Educause Security Discussion mailing list archives

Re: Risks of File Transfer on a Fully Switched Network

From: Huba Leidenfrost <huba () UIDAHO EDU>
Date: Wed, 30 Nov 2005 09:15:27 -0800

Chad,

If you have your presentation/demo for sniffing on a switched network I'd be
interested in adding it to my presentations toolbelt.  I'm assuming you used
something like dsniff/arpredirect & fragrouter.  Who was your target
audience exactly?  Management or other technical network/system
administration folks?  I'm more interested in the format of your
presentation then the actual tools.  And I'm curious if you did any other
demonstrations like CDP neighbor DoS or such.

Finally, after your demonstration were you successful in obtaining a sunset
timetable for blocking cleartext authentication (at least on more sensitive
networks)?

Curious,

Huba Leidenfrost
ITS Security Analyst
University of Idaho
208.885.2126/7539(fax)


________________________________

        From: wcon [mailto:wcon () CONNCOLL EDU]
        Sent: Wednesday, November 30, 2005 6:04 AM
        To: SECURITY () LISTSERV EDUCAUSE EDU
        Subject: Re: [SECURITY] Risks of File Transfer on a Fully Switched
Network
        
        
        Ever hear of "man in the middle attacks", arps are broadcasts, a
switch won't save you unless it can prevent these (i.e. Cisco 4500 or
better).
        
        
        
<SNIP>

Current thread:

Re: Risks of File Transfer on a Fully Switched Network, (continued)
- Re: Risks of File Transfer on a Fully Switched Network Ken Connelly (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network Russell Fulton (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network Richard Gadsden (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network David Gillett (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network Chad McDonald (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network wcon (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network jack suess (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Dunker, Mary (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Gary Flynn (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Gary Dobbins (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Huba Leidenfrost (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Russell Fulton (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Bradley Ellis (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Cal Frye (Dec 01)
- Re: Risks of File Transfer on a Fully Switched Network Scholz, Greg (Dec 01)
- Re: Risks of File Transfer on a Fully Switched Network Gary Dobbins (Dec 01)
- Re: Risks of File Transfer on a Fully Switched Network Robert Kerr (Dec 02)
- Re: Risks of File Transfer on a Fully Switched Network Alan Amesbury (Dec 06)