Date: Tue, 19 Dec 2000 22:49:33 -0600 (CST) From: Mike Silbersack <silby@silby.com> To: David Talkington <dtalk@prairienet.org> Cc: Chuck Rock <carock@epconline.net>, <security@FreeBSD.ORG>, <questions@FreeBSD.ORG> Subject: RE: What anti-sniffer measures do i have? Message-ID: <Pine.BSF.4.31.0012192245040.4679-100000@achilles.silby.com> In-Reply-To: <Pine.LNX.4.30.0012192209100.2606-100000@sherman.spotnet.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 19 Dec 2000, David Talkington wrote: > Play around with dsniff. On my test network at home, with two > workstations (A and B) and a gateway router (C) on a 10/100 switch, > I've been able to convince A that B was its router, and view A's > traffic before sending it on to C. A putters away, and never even > knows B is there. It's kinda scary. > > Far as I know, hard-coding an arp table is the only way to prevent > that sort of thing ... someone please correct me if I'm wrong? > > -d Out of curiosity, could you run arpwatch on one of the workstations (preferrably D, not one of the involved) and see if it detects the arp oddity? Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.31.0012192245040.4679-100000>