[TCLUG] restarting Redhat 7x via telnet

Fri Aug 17 14:40:48 CDT 2001

> Of course, if you statically assign adresses and dont 
> auto-learn any your safe. :)

You mean IP addresses?  Not so.

About the only way to protect against this kind of attack is to use port
security on your switches and lock them down to one MAC address.  It's a big
pain though, especially in a large organization, or if you have users with
laptops that move all over the place.  

> -----Original Message-----
> From: Scott Dier [mailto:dieman+tclug at ringworld.org] 
> Sent: Friday, August 17, 2001 2:22 PM
> To: tclug-list at mn-linux.org
> Subject: Re: [TCLUG] restarting Redhat 7x via telnet
> 
> 
> * Clay Fandre <clay at fandre.com> [010817 12:51]:
> > Here's a nice writeup that explains why: 
> > http://www.sans.org/newlook/resources/IDFAQ/switched_network.htm
> > > This is totally false. There are many ways to sniff a switched 
> > > network. arp poisoning and arp-cache flooding are the two most 
> > > common. Just check out ettercap or dsniff.
> 
> Of course, if you statically assign adresses and dont 
> auto-learn any your safe. :)
> 
> -- 
> Scott Dier <dieman at ringworld.org> <sdier at debian.org> 
http://www.ringworld.org/  #linuxos at irc.openprojects.net
_______________________________________________
tclug-list mailing list
tclug-list at mn-linux.org
https://mailman.mn-linux.org/mailman/listinfo/tclug-list