Penetration Testing mailing list archives
Re: Sniffing on a switch
From: Volker Tanger <vtlists () wyae de>
Date: Wed, 2 Nov 2005 14:30:44 +0100
Good morning! Cedric Blancher <blancher () cartel-securite fr> wrote:
Le mardi 01 novembre 2005 à 10:50 +0100, Volker Tanger a écrit :If manual MAC/port mapping takes precedence over cache (which is implementation dependant) - why not? If port security disables the port (the attacker/flooder's one) as soon as more than one MAC address is being announced there - why not?ARP cache poisoning will still work because when your ARP cache poison someone, you actually don't change your MAC address at all...
[...]
You can see http://sid.rstack.org/arp-sk/ for further details on ARP cache poisoning.
Ah, THAT technique you were talkiong about. Sorry, name mixup in my brain - I still was thinking of the switch's MAC/port cache (obviously).
To quickly reach my point, port security, as a layer 2 mecanism, is _useless_ against ARP cache poisoning.
Yepp, you're right. Thanks for clarifying. Bye Volker -- Volker Tanger http://www.wyae.de/volker.tanger/ -------------------------------------------------- vtlists () wyae de PGP Fingerprint 378A 7DA7 4F20 C2F3 5BCC 8340 7424 6122 BB83 B8CB ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: Sniffing on a switch Volker Tanger (Nov 01)
- Re: Sniffing on a switch Cedric Blancher (Nov 03)
- Re: Sniffing on a switch Volker Tanger (Nov 03)
- <Possible follow-ups>
- Re: Sniffing on a switch DMORROW5 (Nov 04)
- Re: Sniffing on a switch Cedric Blancher (Nov 03)