Penetration Testing mailing list archives

Re: Sniffing on a switch


From: Cedric Blancher <blancher () cartel-securite fr>
Date: Sat, 29 Oct 2005 21:51:04 +0200

On Saturday 29 October 2005 at 12:48 +0200, Volker Tanger wrote:
> And yes, all unprotected switches can be subjected to ARP poisoning. But
> (again) many manageable switches can be configured with preventive
> measures:
> - static/manual MAC/port mapping
> - automatic one-time MAC/port config: the very first MAC/port
>   combination seen is taken as semi-static entry, all others are dropped.
> - limiting number of MAC addresses per port allowed
>   (which helps against rogue switches and router, too)

Do you mean these measures can prevent ARP cache poisoning? Because
they just don't.


-- 
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!
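
The point of the reply above, as an added example that is not part of the original message: a small Python model in which the three listed measures reduce to a per-port check on the Ethernet source MAC, while a forged ARP reply keeps the sender's own bound MAC and is false only in its ARP payload. The addresses, the `arp_payload_valid` check (not one of the measures listed in the thread) and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ArpReply:
    eth_src: str      # Ethernet source MAC: the only field port security looks at
    sender_mac: str   # ARP payload: "sender_ip is at sender_mac"
    sender_ip: str

# Constructed sample network; every address here is made up for the example.
PORT_MAC = {1: "aa:aa:aa:aa:aa:01",   # gateway
            2: "aa:aa:aa:aa:aa:02",   # workstation
            3: "aa:aa:aa:aa:aa:03"}   # third host on the same VLAN
IP_MAC = {"192.0.2.1": PORT_MAC[1],
          "192.0.2.10": PORT_MAC[2],
          "192.0.2.66": PORT_MAC[3]}

def port_security_allows(port, frame):
    """Static mapping, first-seen sticky entry and one-MAC-per-port all come
    down to: the Ethernet source MAC must be the one bound to this port."""
    return PORT_MAC.get(port) == frame.eth_src

def arp_payload_valid(frame):
    """Assumed extra check: the ARP payload must agree with a trusted
    IP-to-MAC table and with the Ethernet header."""
    return (IP_MAC.get(frame.sender_ip) == frame.sender_mac
            and frame.eth_src == frame.sender_mac)

def deliver(port, frame, cache, inspect_arp=False):
    """Pass a frame through the switch to a host whose ARP cache is `cache`.
    Returns True if the host received it and updated its cache."""
    if not port_security_allows(port, frame):
        return False
    if inspect_arp and not arp_payload_valid(frame):
        return False
    cache[frame.sender_ip] = frame.sender_mac   # hosts trust ARP replies
    return True

def run(inspect_arp):
    cache = {"192.0.2.1": PORT_MAC[1]}          # workstation's correct gateway entry
    # The host on port 3 sends from its own bound MAC but claims the gateway's IP.
    forged = ArpReply(PORT_MAC[3], PORT_MAC[3], "192.0.2.1")
    accepted = deliver(3, forged, cache, inspect_arp)
    return accepted, cache["192.0.2.1"]

if __name__ == "__main__":
    print("port security only:  ", run(False))
    print("with payload check:  ", run(True))
```

Port security still does its own job in this model: a frame on port 3 carrying the gateway's MAC as Ethernet source is dropped. It never inspects the IP-to-MAC claim inside the ARP payload, which is the part being falsified.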
