Penetration Testing mailing list archives
Re: Cain & Able man in the middle attack
From: Chris Brenton <cbrenton () chrisbrenton org>
Date: Thu, 13 Dec 2007 07:25:16 -0500
On Tue, 2007-12-11 at 13:48 +0000, James Bensley wrote:
I too have performed MITM attacks on my network with Cain & Able. Also having grabbed a few HTTP and FTP passwords seeing that it was successful I now need to secure my self against these attacks but how can I do this? Would static MAC mappings in my hosts files do the trick?
Depends on what you are trying to protect against. There are five different techniques (that I'm aware of) for sniffing in a switched network. Each requires a different method of protection. I've posted a video here: http://www.chrisbrenton.org/sans/switch-sniffing-final.wmv which should help. HTH, Chris -- cbrenton () chrisbrenton org Did you know: djohn permits John The Ripper to crack passwords with multiple systems sharing the load. Visit http://www.sans.org/info/16981 to find out how you can learn more. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Cain & Able man in the middle attack Abdullah . Yousief (Dec 10)
- Message not available
- Cain & Able man in the middle attack James Bensley (Dec 12)
- Re: Cain & Able man in the middle attack Juan B (Dec 13)
- Re: Cain & Able man in the middle attack Carlos Moro GarcĂa (Dec 13)
- Re: Cain & Able man in the middle attack Steven Adair (Dec 13)
- RE: Cain & Able man in the middle attack Paul Melson (Dec 13)
- Re: Cain & Able man in the middle attack Dotzero (Dec 13)
- Re: Cain & Able man in the middle attack Kyle Evans (Dec 13)
- Re: Cain & Able man in the middle attack dubaisans dubai (Dec 14)
- Re: Cain & Able man in the middle attack Kyle Evans (Dec 14)
- Cain & Able man in the middle attack James Bensley (Dec 12)
- Re: Cain & Able man in the middle attack Chris Brenton (Dec 14)
- Message not available