Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cain & Able man in the middle attack

From: Dotzero <dotzero () gmail com>
Date: Wed, 12 Dec 2007 16:23:52 -0500
On 12/11/07, James Bensley <jwbensley () gmail com> wrote:

I too have performed MITM attacks on my network with Cain & Able. Also
having grabbed a few HTTP and FTP passwords seeing that it was
successful I now need to secure my self against these attacks but how
can I do this? Would static MAC mappings in my hosts files do the
trick?

Thanks for your time
Bensley.



The first step is to use port lockdown on your switches. I've had
mixed success in locking down the host side of things depending on the
platform. You can always run something like arpwatch to at least
monitor the network and log for MAC address changes.

My next question would be, what http and ftp passwords are crossing
your network? If they aren't important, get rid of them. If they are
important than use SSL for web and use SCP or SFTP for your file
transfers.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: