Greetz,
(just thought i should add this to the thread)
There is this excellent article by Dexter Lindstorm elaborating
(links/diagrams provided )on sniffing/("upgrading bandwidth attempts") on
cable network architectures
http://rr.sans.org/homeoffice/sniffing.php
.
>
>On Sat, Jun 15, 2002 at 10:53:41AM -0400, David Lagani?re wrote:
> > and I couldn't see anything.. probably for the same reason.. some kind
>of
> > switched network. But I'm not a network guru.. so I might be wrong :)
>
>if it's a simple switched network, ARP attacks will usually do the
>trick, as most admins won't bind a MAC to each port of a switch (at
>least on ethernet) as this is really burdensome and a logistics
>nightmare, because every time a machine moves they have to re-bind that
>NIC's MAC to the new port so it can pass traffic. It is, however, great
>for security because MITM ARP attacks are futile as the switch already
>knows what MAC is on what physical port.
>
>I don't know a whole lot about cable modems, but my guess is that, like
>a DSL line, traffic routed down your line is a function of a hardware ID
>or circuit ID bound to the cable modem itself.
>
>does anyone have in-depth knowledge of cable that can touch on this?
>
_________________________________________________________________
MSN Foto's is de makkelijkste manier om je foto's te delen met anderen en af
te drukken: http://photos.msn.nl/Support/WorldWide.aspx
