Vulnerability Development mailing list archives
RE: MiM Simultaneous close attack
From: "David Schwartz" <davids () webmaster com>
Date: Fri, 17 Aug 2001 11:11:39 -0700
Excuse my ignorance, but wouldn't a switched network be a remedy for this attack? Unless you are using some type of 'port mirroring' functionality (at the switch) the attacking computer sitting in promiscuous mode would only hear broadcast traffic. Right? Or am I missing something?
The attack issue is that if a certain packet is sent, the two hosts will
get into an endless loop. How hard or easy it is to send that packet
mitigates the attack but doesn't remedy it. To remedy it, the behavior in
response to that packet would have to change. Staying out of the jungle
isn't a remedy for malaria.
DS
Current thread:
- MiM Simultaneous close attack Korhan Kaya (Aug 14)
- <Possible follow-ups>
- RE: MiM Simultaneous close attack Malcolm Jack (Aug 17)
- Re: MiM Simultaneous close attack Xyntrix (Aug 17)
- Re: MiM Simultaneous close attack jaywhy (Aug 17)
- Re: MiM Simultaneous close attack Michael J. Cannon (Aug 17)
- RE: MiM Simultaneous close attack David Schwartz (Aug 17)
- RE: MiM Simultaneous close attack Dom De Vitto (Aug 17)
- Re: MiM Simultaneous close attack Korhan Kaya (Aug 17)
- Re: MiM Simultaneous close attack Xyntrix (Aug 17)
- RE: MiM Simultaneous close attack big bon (Aug 17)
- Re: MiM Simultaneous close attack Paul (Aug 18)
- Re: MiM Simultaneous close attack Robert Freeman (Aug 18)
- Re: MiM Simultaneous close attack Mauro Flores (Aug 21)
- RE: MiM Simultaneous close attack Dom De Vitto (Aug 21)
- Re: MiM Simultaneous close attack Jim Nanney (Aug 21)
- Re: MiM Simultaneous close attack Paul (Aug 18)
- Re: MiM Simultaneous close attack jaywhy (Aug 18)
- Re: MiM Simultaneous close attack Paul (Aug 19)