From owner-freebsd-security Wed Dec 20 8:17:58 2000
Message-ID: <3A40DBC4.92D2F874@colltech.com>
Date: Wed, 20 Dec 2000 11:18:12 -0500
From: Daniel Hagan
To: David Talkington
Cc: Chuck Rock, security@FreeBSD.ORG
Subject: Re: What anti-sniffer measures do i have?

In the early/mid 90's there was a student at Virginia Tech who played
this stunt in a dorm and collected several hundred mail server
passwords. Similar tricks can be played w/ DHCP. A friend of mine did a
proof of concept attack against his friend in their dorm at Tech when
they rolled out DHCP there.

Daniel

David Talkington wrote:

> Play around with dsniff. On my test network at home, with two
> workstations (A and B) and a gateway router (C) on a 10/100 switch,
> I've been able to convince A that B was its router, and view A's
> traffic before sending it on to C. A putters away, and never even
> knows B is there. It's kinda scary.
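
The redirection described in the quoted message is visible on workstation A as the router's IP address resolving to B's hardware address. The following is an added example, not part of the original message, that checks `arp -an` output for that condition; the addresses, interface name and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed samples of `arp -an` output as seen on workstation A.
# 192.168.1.1 plays the router (C), 192.168.1.20 plays workstation B.
ARP_CLEAN = """\
? (192.168.1.1) at 00:a0:c9:11:22:33 on fxp0 [ethernet]
? (192.168.1.20) at 00:50:04:aa:bb:cc on fxp0 [ethernet]
"""
ARP_POISONED = """\
? (192.168.1.1) at 00:50:04:aa:bb:cc on fxp0 [ethernet]
? (192.168.1.20) at 00:50:04:aa:bb:cc on fxp0 [ethernet]
? (192.168.1.30) at (incomplete) on fxp0 [ethernet]
"""

ENTRY = re.compile(r"\((?P<ip>[\d.]+)\) at (?P<mac>[0-9a-fA-F:]+)")

def normalize_mac(mac):
    # Some arp implementations print octets without leading zeros (0:a0:c9:...).
    return ":".join(f"{int(octet, 16):02x}" for octet in mac.split(":"))

def parse_arp(text):
    """Return {ip: mac} for resolved entries; unresolved ones are skipped."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.search(line)
        if m and m["mac"].count(":") == 5:
            table[m["ip"]] = normalize_mac(m["mac"])
    return table

def check_arp(text, gateway_ip, pinned_gateway_mac):
    """Flag a gateway MAC that differs from the pinned one, and any MAC
    that answers for more than one IP address."""
    table = parse_arp(text)
    expected = normalize_mac(pinned_gateway_mac)
    alerts = []
    seen = table.get(gateway_ip)
    if seen and seen != expected:
        alerts.append(f"gateway {gateway_ip} is at {seen}, expected {expected}")
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            alerts.append(f"{mac} claims multiple IPs: {', '.join(sorted(ips))}")
    return alerts
```

The pinned MAC has to be recorded while the network is known to be clean. A static ARP entry for the router (`arp -s`) on each host is a complementary measure.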