-
June 20th, 2003, 05:59 PM
#1
ARP Poison?
Hey all,
I've been reading about this whole 'arp poisoning’ thing. The only materials that I’ve seen are all offensive (as apposed to defensive papers)-> would any one happen to know of some info. That I can find on this subject. How to protect against it; How to detect it, et cetera…
Thank You.
TampaBay
yeah, I\'m gonna need that by friday...
-
June 20th, 2003, 06:42 PM
#2
Tampabay: Check out this paper
http://www.arp-sk.org/doc/arp-sk-lsm2002.pdf
At the end it has some suggestions for protecting yourself against ARP poisoning. Its not the best, but it is a start.
N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)
-
June 20th, 2003, 06:43 PM
#3
Member
I've managed to spoof the Switch with a false MAC address.
I 've changed my MAC addresst (my terminal computer) to the default Gateway computer (win 2k server ). In the bridge table it show one MAC address in 2 port (the port to my box and to the server box). And other client sometime suffer from accessing the default-gateway.
However. when i changed the IP of my box to the server IP, it states a IP confict and the IP turns to 0.0.0.0 (phew, luckily). I thought .... if some one manage to successfully change the IP, it would be messy for whole the network.
Let\'s go to Paramount Great America !!!! LFC (LookingForChick)
-
June 21st, 2003, 08:01 AM
#4
I think some newer switches actually incorporate 'port security' or something similarly named, which allows the switch to be set so that it can detect attempts to use ARP to change the IP on a particular physical port.
[HvC]Terr: L33T Technical Proficiency
-
June 21st, 2003, 10:23 AM
#5
Junior Member
ARP is evil!
Lots of new switches incorporate security measures.
Check out:
CXGJarrod's post.
Thanks to CXGJarrod for the great link
As always;
-
June 21st, 2003, 05:24 PM
#6
Member
I've checked .
A Cisco Catalyst 2950, 1 MAC address are binded into 2 ports (one legal and one illegal).
All the inside potential hacker have to do is to spoof the default gateway IP address. Don't tell me to asign priviliged level to all users, coz my policy is ..., ya know, i'm not the one who decide.
Let\'s go to Paramount Great America !!!! LFC (LookingForChick)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|