not necessarily. arp cache poisoning, mac address mirroring, and mac address spamming can enable sniffing of network traffic (that normally would not be addressed to a specific port) on a switch quite easy. On Fri, Aug 17, 2001 at 09:01 AM, Malcolm Jack <Malcolmat_private> said: > Excuse my ignorance, but wouldn't a switched network be a remedy for this > attack? Unless you are using some type of 'port mirroring' functionality > (at the switch) the attacking computer sitting in promiscuous mode would > only hear broadcast traffic. Right? Or am I missing something? > > -----Original Message----- > From: Korhan Kaya [mailto:kkayaat_private] > Sent: Tuesday, August 14, 2001 8:38 AM > To: vuln-devat_private > Subject: MiM Simultaneous close attack > > > MiM simultaneous CLOSE attack > > Revision 1.1 > > For Public Release 2001 August 07 08:00 (GMT +0200) > _________________________________________________________________ > > Vulnerability : > MiM simultaneous CLOSE attack > Vendor : > N/A > Category : > Man in the middle / Denial of service > Date : > 08/07/2001 > Credits : > Korhan Kaya <kkayaat_private> > Document ID : MW-TCPMD-03 > > ----- _______________________________________ Mike Mclane | xyntrix at bitz dot org | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This archive was generated by hypermail 2b30 : Fri Aug 17 2001 - 15:06:22 PDT