Vulnerability Development mailing list archives
RE: switch jamming
From: "Toni Heinonen" <Toni.Heinonen () teleware fi>
Date: Thu, 31 Jan 2002 18:48:02 +0200
Static ARP entries can prevent this if implement on the switch (and it is a good idea to use them on all the network devices as well). Also, protocols such as IPSEC can strengthen any protocols tunneled through it against manipulation or sniffing.
Indeed. However static ARP entries don't help on Windows workstations, as opposed to what most people think. You can configure a static ARP entry with the arp-command, true, but ARP is a stateless protocol which means we can answer even if no one asks. If we send ARP-responses to a Windows computer, they overwrite the static ARP entries. That means we can poison the ARP cache at any time, we don't have to sit and wait for the computer to send ARP-requests. -- Toni Heinonen, CISSP Teleware Oy +358 40 836 1815
Current thread:
- Re: DoS against DHCP, (continued)
- Re: DoS against DHCP Craig Van Tassle (Jan 30)
- Re: DoS against DHCP Felix Lindner (Jan 31)
- Re: switch jamming Blue Boar (Jan 30)
- RE: switch jamming Ed Moyle (Jan 30)
- Re: switch jamming sean whalen (Jan 30)
- RE: switch jamming Henniges, Matthew (ISS) (Jan 30)
- RE: switch jamming Anthony Gruppuso (Jan 31)
- Re: switch jamming Blue Boar (Jan 31)
- Re: switch jamming ALoR (Jan 31)
- RE: switch jamming Alexander (Jan 31)
- Re: switch jamming Blue Boar (Jan 31)
- RE: switch jamming Toni Heinonen (Jan 31)
- Re: switch jamming blast (Jan 31)
- RE: switch jamming blast (Jan 31)
- RE: switch jamming Richard Corley (Jan 31)