Home page logo

basics logo Security Basics mailing list archives

RE: Arp Poisoning
From: anyluser <anyluser () yahoo com>
Date: Thu, 7 Nov 2002 10:13:21 -0800 (PST)

Does anyone know whether or not a traceroute from an
arp-poisoned client would expose the traffic

-----Original Message-----
From: Michael Ungar [mailto:m_ungar () yahoo com] 
Sent: Wednesday, November 06, 2002 11.27 PM
To: security-basics () securityfocus com
Subject: ARP Poisoning

From security books I've read it's not hard to
eavesdrop on network communication using tools like
dsniff, even in a switched environment. My
understanding is that it is accomplished quite
by ARP poisoning your victim in thinking your
machine's MAC as the router MAC & after
re-forwarding the traffic back to the true router

Assuming the network environment is large (e.g.,
configuring port switches for specific MAC addresses
not practical) & desktop security cannot be
(and thereby cannot prevent people from allowing
machines to IP forward), how can one defend against
other than encrypting data.


Do you Yahoo!?
U2 on LAUNCH - Exclusive greatest hits videos

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]