Networking things Was: RE: [Techtalk] DHCPD Question

Almut Behrens almut_behrens at yahoo.com
Fri Oct 12 08:37:41 EST 2001


Wow -- deeply impressed by those nice descriptions from Kath and
Raven! If I were in the position (and appropriate location of the
world), I'd immediately hire you, Kath, to make your dreamjob come
true... :)

On Thu, Oct 11, 2001 at 07:51:47PM -0400, Kath wrote:
> <snip>
> 
> On every network card there is a MAC address, which uniquely identifies the
> computer.  The switch will do a broadcast and poll the devices on each port
> for a list of MAC addresses of connected devices.

...not much left to add, and the networking cracks here certainly
already know:  it's this broadcasting technique of switches where
ARP spoofing can get its handle on (though some switches allow to
take precautions against it). For a short intro see

http://www.techhybr1d.org/TextWare/intro_to_arp_spoofing.pdf

For those who want to play around with this (in their home LAN only,
of course!), there's the 'dsniff' collection of tools, which also
allows for interesting uses like network monitoring:

http://www.linuxsecurity.com/feature_stories/feature_story-89-print.html

(also remotely related to the recent MRTG thread)

Cheers,

- Almut





More information about the Techtalk mailing list