AW: ARP Poisoning

From: Fuchs Bernhard (Bernhard.Fuchs@itellium.com)
Date: 11/08/02

• Previous message: noconflic: "Re: Risk of using SS#s (last 4 digits) for authentication"
• Next in thread: Will Tell: "Re: AW: ARP Poisoning"
• Reply: Will Tell: "Re: AW: ARP Poisoning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Fuchs Bernhard <Bernhard.Fuchs@itellium.com>
To: "'Michael Ungar'" <m_ungar@yahoo.com>, security-basics@securityfocus.com
Date: Fri, 8 Nov 2002 08:04:15 +0100 

Hi Michael!

I did not test it out too much, but if you are in the same network windows
will warn that the same IP-Adress is twice on the net.
On Linux you see it, if you ping the router, he shows that the ping is
redirected.
can anyone verify this? other than that ?????

Mit freundlichen Grüßen/ sincerely yours

Bernhard Fuchs
Junior System-Engineer
IT-Infrastruktur

ITELLIUM
Systems & Services GmbH
Fürther Straße 205
90429 Nürnberg

Tel.: +49-911-14-27321
Fax: +49-911-14-22016
mailto:bernhard.fuchs@itellium.com
http://www.itellium.com

This email is confidential. If you are not the intended recipient, you must
not disclose or use the information contained in it. If you have received
this mail in error, please tell us immediately by return email and delete
the document. E-mails to and from the company are monitored for operational
reasons and in accordance with lawful business practices. The contents of
this email are those of the individual and do not necessarily represent the
views of the company. The company accepts no responsibility once an e-mail
and any attachments is sent.

-----Ursprüngliche Nachricht-----
Von: Michael Ungar [mailto:m_ungar@yahoo.com]
Gesendet: Donnerstag, 7. November 2002 05:27
An: security-basics@securityfocus.com
Betreff: ARP Poisoning

From security books I've read it's not hard to
eavesdrop on network communication using tools like
dsniff, even in a switched environment. My
understanding is that it is accomplished quite easily
by ARP poisoning your victim in thinking your
machine's MAC as the router MAC & after interception,
re-forwarding the traffic back to the true router MAC.

Assuming the network environment is large (e.g.,
configuring port switches for specific MAC addresses
not practical) & desktop security cannot be guaranteed
(and thereby cannot prevent people from allowing
machines to IP forward), how can one defend against
other than encrypting data.

Thanks....Mike

__________________________________________________
Do you Yahoo!?
U2 on LAUNCH - Exclusive greatest hits videos
http://launch.yahoo.com/u2

---

• Previous message: noconflic: "Re: Risk of using SS#s (last 4 digits) for authentication"
• Next in thread: Will Tell: "Re: AW: ARP Poisoning"
• Reply: Will Tell: "Re: AW: ARP Poisoning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > security-basics  > 2002-11