|
Bugtraq
mailing list archives
Re: Sniffable Switch Project
From: martin f krafft <madduck () madduck net>
Date: Wed, 17 Jul 2002 12:37:40 +0200
also sprach Cedric Blancher <blancher () cartel-securite fr> [2002.07.16.2038 +0200]:
All switches are "sniffable" if you use ARP cache poisoning tools such
as arpspoof from dsniff package or arp-sk.
Wrong. More expensive switches by Cisco, HP, or others employ various
techniques against ARP cache poisoning. These range from port locking
when the MAC table changes (not applicable to a dynamic environment)
up to adaptive cache cleaning methods that prevent the cache from ever
filling up. And any switch above the $50 price range will employ
a hashmap for the ARP cache rather than a table-per-port approach.
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net () madduck
"the human brain is like an enormous fish --
it is flat and slimy
and has gills through which it can see."
-- monty python
Attachment:
_bin
Description:
 By Date 
By Thread
Current thread:
| 
Intro
