Your fundamentals are right. attacker A has to compromise some host in host B's network in Ohio or at host C's network in Florida inorder to conduct MITM attack.
Regards, --------- Muhammad Faisal Rauf Danka Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk voice: 92-021-111-GEMNET "Great is the Art of beginning, but Greater is the Art of ending. " ------BEGIN GEEK CODE BLOCK---- Version: 3.1 GCS/CM/P/TW d- s: !a C++ B@ L$ S$ U+++ P+ L+++ E--- W+ N+ o+ K- w-- O- PS PE- Y- PGP+ t+ X R tv+ b++ DI+ D G e++ h! r+ y+ ------END GEEK CODE BLOCK------ --- Thad Horak <[EMAIL PROTECTED]> wrote: >All, > >A peer recently told me that the a network topology >consisting of internal servers routing traffic through >a firewall to the internet was a security hole since >the session could either be hijacked or be hacked >using a MITM technique. > >Example: > >Internal_server --> PIX NAT --> Internet partner > >I understand the fundamentals behind hijacking and >MITM attacks, but it would seem to me that the only >way that an attacker could pull of this type of an >attack would be to compromise a host on the same >switch/hub that the firewall is on. Is this this a >correct assumption? Can attacker A in California >hijack User B in Ohio shopping on Site C in Florida >without compromising some key piece of equipment in >between B and C first? > >My apologies for the long winded question. Thanks in >advance for your insight. > >Thad > >__________________________________________________ >Do You Yahoo!? >Yahoo! Games - play chess, backgammon, pool and more >http://games.yahoo.com/ _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Run a small business? Then you need professional email like [EMAIL PROTECTED] from Everyone.net http://www.everyone.net?tag
