From: Chris Brenton (cbrenton@chrisbrenton.org)
Date: Thu Dec 13 2007 - 07:25:16 EST
On Tue, 2007-12-11 at 13:48 +0000, James Bensley wrote:
> I too have performed MITM attacks on my network with Cain & Able. Also
> having grabbed a few HTTP and FTP passwords seeing that it was
> successful I now need to secure my self against these attacks but how
> can I do this? Would static MAC mappings in my hosts files do the
> trick?
Depends on what you are trying to protect against. There are five
different techniques (that I'm aware of) for sniffing in a switched
network. Each requires a different method of protection.
I've posted a video here:
http://www.chrisbrenton.org/sans/switch-sniffing-final.wmv
which should help.
HTH,
Chris
-- cbrenton@chrisbrenton.org Did you know: djohn permits John The Ripper to crack passwords with multiple systems sharing the load. Visit http://www.sans.org/info/16981 to find out how you can learn more. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:16 EDT