Security Basics mailing list archives

ARP Poisoning

From: Michael Ungar <m_ungar () yahoo com>
Date: Wed, 6 Nov 2002 20:27:17 -0800 (PST)

From security books I've read it's not hard to

eavesdrop on network communication using tools like
dsniff, even in a switched environment. My
understanding is that it is accomplished quite easily
by ARP poisoning your victim in thinking your
machine's MAC as the router MAC & after interception,
re-forwarding the traffic back to the true router MAC.

Assuming the network environment is large (e.g.,
configuring port switches for specific MAC addresses
not practical) & desktop security cannot be guaranteed
(and thereby cannot prevent people from allowing
machines to IP forward), how can one defend against
other than encrypting data.

Thanks....Mike


__________________________________________________
Do you Yahoo!?
U2 on LAUNCH - Exclusive greatest hits videos
http://launch.yahoo.com/u2

Current thread:

ARP Poisoning Michael Ungar (Nov 07)
- Re: ARP Poisoning Matt Hemingway (Nov 08)
- Re: ARP Poisoning ATD (Nov 09)
- <Possible follow-ups>
- Re: ARP Poisoning brien mac (Nov 08)
- RE: ARP Poisoning Trevor Cushen (Nov 08)
  - Re: ARP Poisoning Jeff Dickison (Nov 09)
  - Re: ARP Poisoning Matt Hemingway (Nov 09)
- RE: Arp Poisoning anyluser (Nov 09)