Date: Tue, 19 Dec 2000 16:26:13 -0600 From: "Chuck Rock" <carock@epconline.net> To: <security@FreeBSD.ORG>, <questions@FreeBSD.ORG> Subject: RE: What anti-sniffer measures do i have? Message-ID: <009001c06a0a$b2163170$1805010a@epconline.net> In-Reply-To: <200012192213.PAA04005@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I believe most switches are Layer 2 which is MAC based. You would have to know the MAC address of the computer you want to intercept traffic for, and then your switch would have to give you the packets instead of erroring out and or dropping the packets because you can't have two of the same MAC addresses on the network. Has anyone actually gotten another's information spoofing MAC addresses? I don't see how this could work. Chuck > -----Original Message----- > From: imp@harmony.village.org [mailto:imp@harmony.village.org]On Behalf > Of Warner Losh > Sent: Tuesday, December 19, 2000 4:14 PM > To: Jason DiCioccio > Cc: Artem Koutchine; security@FreeBSD.ORG; questions@FreeBSD.ORG > Subject: Re: What anti-sniffer measures do i have? > > > In message > <657B20E93E93D4118F9700D0B73CE3EA02433D@goofy.epylon.lan> Jason > DiCioccio writes: > : Although sniffing is still possible over a switched network with some > : arp tricks.. > > It depends on the switch... But there may be some man in the middle > attacks that are still possible with switches, but I haven't thought > about it too much. > > Warner > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?009001c06a0a$b2163170$1805010a>