-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Isn't this something that can be avoided with static ARP entries for
DMZ devices? Also, if an attacker would use ARP redirect packets,
wouldn't he break the communication with the intended devices and
thus create an event that can be detected?

Frank

> -----Original Message-----
> From: Mikael Olsson [mailto:[EMAIL PROTECTED]]
> Sent: Friday, September 08, 2000 3:29 AM
> 
> Frank Knobbe wrote:
> > 
> > Oh, and now that I think of it, using switches in your DMZ
> > will probably help to thwart the sniffing issue... :) 
> 
> Not really, I'm afraid.
> Check out http://www.monkey.org/~dugsong/dsniff/
> for some really funky automated arp redirection games.
> 
> Quote from Dug's text:
> "this is an extremely effective way of sniffing traffic on a
> switch"  
> 
> (And ARP redirection isn't exactly rocket science, so it doesn't
>  matter if the Bad Guys(tm) have found Dug's page or not)
 

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: PGP or S/MIME (X.509) encrypted email preferred.

iQA/AwUBObj6nERKym0LjhFcEQKm3QCeIT2hoiRayoEeClgg0MdXudi1tX0AoPfg
+6ctM4QKXNooOiARHZlbSYPE
=zcCA
-----END PGP SIGNATURE-----
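
The two ideas raised in this message, a static table of DMZ IP-to-MAC bindings and treating an unexpected binding as a detectable event, sketched as an added example that is not part of the original thread. The addresses, MACs, alert names and the 30-second window are constructed for illustration.

```python
from collections import defaultdict

# Constructed static ARP table for DMZ hosts (documentation address ranges).
PINNED = {
    "192.0.2.1": "00:00:5e:00:53:01",   # DMZ gateway
    "192.0.2.10": "00:00:5e:00:53:10",  # web server
}

# Constructed observations: (seconds, sender IP, sender MAC) from ARP replies.
OBSERVED = [
    (0, "192.0.2.10", "00:00:5e:00:53:10"),
    (5, "192.0.2.1", "00:00:5e:00:53:01"),
    (9, "192.0.2.1", "00:00:5e:00:53:66"),    # differs from the pinned gateway MAC
    (10, "192.0.2.1", "00:00:5e:00:53:01"),
    (12, "192.0.2.20", "00:00:5e:00:53:20"),  # unpinned host, first sighting
    (14, "192.0.2.20", "00:00:5e:00:53:66"),  # unpinned host changes MAC
    (15, "192.0.2.1", "00:00:5e:00:53:66"),
]

def normalise(mac):
    """Lower-case a MAC and use ':' separators so comparisons are exact."""
    return mac.strip().lower().replace("-", ":")

def audit(observations, pinned, window=30):
    """Return (alerts, multi): alerts are (ts, kind, ip, mac) tuples, multi maps
    each MAC that answered for more than one IP to the sorted list of those IPs."""
    pinned = {ip: normalise(mac) for ip, mac in pinned.items()}
    last_seen = {}               # ip -> (ts, mac) of the previous observation
    claims = defaultdict(set)    # mac -> set of IPs it has answered for
    alerts = []
    for ts, ip, mac in sorted(observations):
        mac = normalise(mac)
        if ip in pinned:
            # A pinned address must always resolve to the configured MAC.
            if mac != pinned[ip]:
                alerts.append((ts, "PINNED_MISMATCH", ip, mac))
        elif ip in last_seen:
            prev_ts, prev_mac = last_seen[ip]
            # For unpinned hosts, flag a binding that changes within the window.
            if prev_mac != mac and ts - prev_ts <= window:
                alerts.append((ts, "MAC_CHANGED", ip, mac))
        last_seen[ip] = (ts, mac)
        claims[mac].add(ip)
    multi = {mac: sorted(ips) for mac, ips in claims.items() if len(ips) > 1}
    return alerts, multi

if __name__ == "__main__":
    for alert in audit(OBSERVED, PINNED)[0]:
        print(alert)
```

A MAC that answers for several IPs can also be a legitimate router or proxy-ARP device, so the `multi` result is a lead to review rather than an alert on its own.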