Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cain & Able man in the middle attack

From: Chris Brenton <cbrenton () chrisbrenton org>
Date: Thu, 13 Dec 2007 07:25:16 -0500
On Tue, 2007-12-11 at 13:48 +0000, James Bensley wrote:

I too have performed MITM attacks on my network with Cain & Able. Also
having grabbed a few HTTP and FTP passwords seeing that it was
successful I now need to secure my self against these attacks but how
can I do this? Would static MAC mappings in my hosts files do the
trick?


Depends on what you are trying to protect against. There are five
different techniques (that I'm aware of) for sniffing in a switched
network. Each requires a different method of protection.

I've posted a video here:
http://www.chrisbrenton.org/sans/switch-sniffing-final.wmv

which should help.

HTH,
Chris
-- 
cbrenton () chrisbrenton org

Did you know:
djohn permits John The Ripper to crack passwords with multiple systems
sharing the load. 

Visit http://www.sans.org/info/16981 to find out how you can learn more.




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: