Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

AW: ARP Poisoning

From: Fuchs Bernhard <Bernhard.Fuchs () itellium com>
Date: Fri, 8 Nov 2002 08:04:15 +0100 
Hi Michael!

I did not test it out too much, but if you are in the same network windows
will warn that the same IP-Adress is twice on the net.
On Linux you see it, if you ping the router, he shows that the ping is
redirected.
can anyone verify this? other than that ?????

Mit freundlichen Grüßen/ sincerely yours


Bernhard Fuchs 
Junior System-Engineer 
IT-Infrastruktur

ITELLIUM 
Systems & Services GmbH 
Fürther Straße 205 
90429 Nürnberg 

Tel.:   +49-911-14-27321 
Fax:    +49-911-14-22016 
mailto:bernhard.fuchs () itellium com 
http://www.itellium.com

This email is confidential. If you are not the intended recipient, you must
not disclose or use the information contained in it. If you have received
this mail in error, please tell us immediately by return email and delete
the document. E-mails to and from the company are monitored for operational
reasons and in accordance with lawful business practices. The contents of
this email are those of the individual and do not necessarily represent the
views of the company. The company accepts no responsibility once an e-mail
and any attachments is sent. 



-----Ursprüngliche Nachricht-----
Von: Michael Ungar [mailto:m_ungar () yahoo com]
Gesendet: Donnerstag, 7. November 2002 05:27
An: security-basics () securityfocus com
Betreff: ARP Poisoning



From security books I've read it's not hard to

eavesdrop on network communication using tools like
dsniff, even in a switched environment. My
understanding is that it is accomplished quite easily
by ARP poisoning your victim in thinking your
machine's MAC as the router MAC & after interception,
re-forwarding the traffic back to the true router MAC.

Assuming the network environment is large (e.g.,
configuring port switches for specific MAC addresses
not practical) & desktop security cannot be guaranteed
(and thereby cannot prevent people from allowing
machines to IP forward), how can one defend against
other than encrypting data.

Thanks....Mike


__________________________________________________
Do you Yahoo!?
U2 on LAUNCH - Exclusive greatest hits videos
http://launch.yahoo.com/u2
Previous By Date Next
Previous By Thread Next

Current thread: