mailing list archives
Re: switched n/w
From: "the.soylent" <the.soylent () gmail com>
Date: Wed, 08 Dec 2004 18:08:24 +0100
it is possible by a sort of arp-attack ("man-in-the-middle"...)
for example ettercap could do such a job...
there a some programs to detect (and prevent?) such attacks like
arp-watchdog, but the best way after my knowledge is a switch with
Iam a bit new to network securities.We have a switched network and to
my knowledge a hosts' data cannot be sniffed by other host by runnning
tcpdump.But Iam receiving complaints from few users that their data is
being changed/manipulated.Is this possible?
How can I avoid this at the host level?Does this mean the server has
been compromised?Any help or pointer in this aspect would be highly
thanks in advance.