
Re: [PEN-TEST] Spoofing switched networks

From: Brian Hartsfield <bhartsfield_at_GDATS.COM>
Date: Mon, 5 Feb 2001 15:29:30 -0500

At 07:02 PM 2/4/2001 +0100, Robert van der Meulen wrote:
>Hi,
>
>Quoting Salyars, Marty (marty.salyars_at_AMSC.BELVOIR.ARMY.MIL):
> > Can someone inside a switched NT network spoof a host to get
> > unauthorized access to resources. How easy or hard is it?
>Yes. Using tools like 'arpredirect' in combination with 'fragrouter' or the
>like, someone can redirect all traffic from a host to other hosts through
>his/her own machine. Spoofing is easy then.
>Spoofing inside a switched network is usually no problem at all; sniffing
>inside a switched network is. You probably won't even need to 'arpredirect'
>to do the spoofing, unless we're talking a switch that knows his stuff.

Actually, sniffing isn't that hard either. There are several ways to do
it such as making the switch think you are a trunk port and you need all the
traffic. In other words, don't put a switch and VLANs in place and expect
that to be your security because they can be defeated.

Brian
Received on Feb 05 2001
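
A detection-side illustration of the ARP redirection discussed in this thread, added here as an example and not part of the original messages: it scans ARP replies for an IP address that changes MAC and for one MAC that claims several IPs. The input format (`tcpdump -n` text output), the function name `find_arp_anomalies` and every address in the sample are assumptions constructed for the example.

```python
import re
from collections import defaultdict

# Constructed sample: ARP replies in tcpdump -n text format (addresses are made up).
SAMPLE = """\
12:00:01.000000 ARP, Reply 10.0.0.1 is-at 00:11:22:33:44:55, length 46
12:00:02.000000 ARP, Reply 10.0.0.20 is-at 00:aa:bb:cc:dd:20, length 46
12:00:03.000000 ARP, Request who-has 10.0.0.1 tell 10.0.0.20, length 46
12:00:09.000000 ARP, Reply 10.0.0.1 is-at 00:de:ad:be:ef:66, length 46
12:00:10.000000 ARP, Reply 10.0.0.20 is-at 00:de:ad:be:ef:66, length 46
12:00:11.000000 ARP, Reply 10.0.0.1 is-at 00:de:ad:be:ef:66, length 46
"""

REPLY = re.compile(
    r"^(?P<ts>\S+) ARP, Reply (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) "
    r"is-at (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.IGNORECASE)

def find_arp_anomalies(text):
    """Return (timestamp, kind, detail) tuples for suspicious ARP replies."""
    ip_to_mac = {}                 # last MAC seen for each IP
    mac_to_ips = defaultdict(set)  # every IP each MAC has claimed
    alerts = []
    for line in text.splitlines():
        m = REPLY.match(line)
        if not m:
            continue               # requests and non-ARP lines are ignored
        ts, ip, mac = m["ts"], m["ip"], m["mac"].lower()
        old = ip_to_mac.get(ip)
        if old is not None and old != mac:
            # The IP-to-MAC binding changed: the visible effect of a redirect.
            alerts.append((ts, "rebind", f"{ip} moved {old} -> {mac}"))
        ip_to_mac[ip] = mac
        if ip not in mac_to_ips[mac]:
            mac_to_ips[mac].add(ip)
            if len(mac_to_ips[mac]) > 1:
                # One MAC answering for several IPs: traffic funnels to one host.
                claimed = ", ".join(sorted(mac_to_ips[mac]))
                alerts.append((ts, "multi-ip", f"{mac} claims {claimed}"))
    return alerts

if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE):
        print(*alert)
```

Rebinds and multi-IP MACs also occur legitimately (DHCP lease changes, failover pairs, routers doing proxy ARP), so alerts like these need a baseline of known bindings before they are actionable.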
