Networking things Was: RE: [Techtalk] DHCPD Question
Almut Behrens
almut_behrens at yahoo.com
Fri Oct 12 08:37:41 EST 2001
Wow -- deeply impressed by those nice descriptions from Kath and
Raven! If I were in the position (and appropriate location of the
world), I'd immediately hire you, Kath, to make your dreamjob come
true... :)
On Thu, Oct 11, 2001 at 07:51:47PM -0400, Kath wrote:
> <snip>
>
> On every network card there is a MAC address, which uniquely identifies the
> computer. The switch will do a broadcast and poll the devices on each port
> for a list of MAC addresses of connected devices.
...not much left to add, and the networking cracks here certainly
already know: it's this broadcasting technique of switches where
ARP spoofing can get its handle on (though some switches allow to
take precautions against it). For a short intro see
http://www.techhybr1d.org/TextWare/intro_to_arp_spoofing.pdf
For those who want to play around with this (in their home LAN only,
of course!), there's the 'dsniff' collection of tools, which also
allows for interesting uses like network monitoring:
http://www.linuxsecurity.com/feature_stories/feature_story-89-print.html
(also remotely related to the recent MRTG thread)
Cheers,
- Almut
More information about the Techtalk
mailing list