Re: Sniffable Switch Project

From: Cedric Blancher (blancher@cartel-securite.fr)
Date: Tue Jul 16 2002 - 11:38:57 PDT

Next message: securityat_private: "Security Update: [CSSA-2002-031.0] Linux: mod_ssl off-by-one error"

Previous message: Frédéric Raynal: "Re: Sniffable Switch Project"
In reply to: alaricat_private: "Sniffable Switch Project"
Next in thread: martin f krafft: "Re: Sniffable Switch Project"
Reply: martin f krafft: "Re: Sniffable Switch Project"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Le mar 16/07/2002 à 12:37, alaricat_private a écrit :
> If you decided to participate, please include all information about the
> switch(es) you tested (e.g. manufacture, model, managed or unmanaged, how many
> ports, firmware/OS version, etc.). Please also include what you tested for
> - ARP spoofing, MAC flooding, MAC duplicating, or the like -  and what the
> results were.

All switches are "sniffable" if you use ARP cache poisoning tools such
as arpspoof from dsniff package or arp-sk.

And sniffing is the little part of the problem, as you can do far more
than simply look what's going on.

Just see http://www.arp-sk.org/ which is a excerpt from an article
written for a french security magazine.

-- 
Cédric Blancher
Consultant sécurité systèmes et réseaux  - Cartel Sécurité
Tél: 01 44 06 97 87 - Fax: 01 44 06 97 99
PGP KeyID:157E98EE  FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE

Next message: securityat_private: "Security Update: [CSSA-2002-031.0] Linux: mod_ssl off-by-one error"
Previous message: Frédéric Raynal: "Re: Sniffable Switch Project"
In reply to: alaricat_private: "Sniffable Switch Project"
Next in thread: martin f krafft: "Re: Sniffable Switch Project"
Reply: martin f krafft: "Re: Sniffable Switch Project"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 16 2002 - 16:54:10 PDT