Date: Sun, 22 Apr 2001 20:03:44 +0200 (MEST) From: =?ISO-8859-1?Q?P=E4r_Thoren?= <t98pth@student.bth.se> To: Dag-Erling Smorgrav <des@ofug.org> Cc: freebsd-security@freebsd.org Subject: Re: static arp values Message-ID: <Pine.GSO.4.21.0104221954380.393-100000@helios> In-Reply-To: <xzpn198kfg4.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
a attacker can arppoisonen my arpcache with false information about what macadress the gateway has. The attacker tells the arpcache that the gateway ip has the macadress of his nic, then route my traffic to the "real" gateway without my knowledge. He can then monitor my traffic. A static value of the macadress of the gateway could prevent this. This is, again, on a switched ethernet lan. /P=E4r On 22 Apr 2001, Dag-Erling Smorgrav wrote: > P=E4r Thoren <t98pth@student.bth.se> writes: > > But I can still sniff the connection between the machine with the stati= c > > arp value and the router. That is what I find strange. >=20 > How do you expect a static ARP entry will prevent sniffing? >=20 > DES > --=20 > Dag-Erling Smorgrav - des@ofug.org >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.21.0104221954380.393-100000>