lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040311223017.1098.qmail@mail.datacolo.com> From: ksmith at chartwelltechnology.com (Kenton Smith) Subject: Caching a sniffer; Re: On Thu, 2004-03-11 at 10:43, Mike Fratto wrote: > Your assuming that the attacker 1) has control of the switch and 2) is > sniffing either the uplink or has configured the switch to mirror all the > switch ports or VLAN to the mirror port. > > Neither of which may be the case. There are many people on this list who have more knowledge of this than I do, but having control of the switch isn't the only way to sniff a switched network. All you need is a way of spoofing ARP packets and you can intercept all the traffic you want. Here's one such set of tools - http://naughty.monkey.org/~dugsong/dsniff/ Kenton --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Powered by blists - more mailing lists