Re: hijacking TCP connections on FreeBSD

From: Andreas Krennmair (a.krennmairat_private)
Date: Wed Jul 10 2002 - 15:39:55 PDT

Next message: Kenneth Duran: "Re: Norton antivirus fails to scan files"

Previous message: Remington Winters: "Re: Norton antivirus fails to scan files"
In reply to: jmiller: "Re: hijacking TCP connections on FreeBSD"
Next in thread: Ron DuFresne: "Re: hijacking TCP connections on FreeBSD"
Next in thread: tide: "Re: hijacking TCP connections on FreeBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* jmiller <secadminat_private> [02-07-10 23:01]:
> a man in the middle is not neccessary, you sniff the packets, spoof your ip
> and or mac, then dos the other box you are spoofing. there is a *nix tool
> that will do an arp flood, turning all switches into a hub, so you do not

It's a myth that "all switches" are vulnerable by such simple arp
flooding. "Good" switches shut down the port where arp flooding comes
from. Not even my el cheapo "Elsa" switch at home is vulnerable, I tried
it out, I wanted to present this attack to friends of mine.

ak
-- 
A one-character regular expression is a regular expression that
matches whatever the one-character regular expression matches.
  -- Sun regexp manpage

application/pgp-signature attachment: stored

Next message: Kenneth Duran: "Re: Norton antivirus fails to scan files"
Previous message: Remington Winters: "Re: Norton antivirus fails to scan files"
In reply to: jmiller: "Re: hijacking TCP connections on FreeBSD"
Next in thread: Ron DuFresne: "Re: hijacking TCP connections on FreeBSD"
Next in thread: tide: "Re: hijacking TCP connections on FreeBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jul 10 2002 - 14:02:52 PDT