Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FWD: dsniff
- From: Paul Howell
- Date: Mon Jun 26 11:46:57 2000
Hi,
This topic came up on the sans unisog list and seems appropriate to ask
this group about.
< paul
------- Forwarded Message
Date: Mon, 26 Jun 2000 07:07:16 -0400
From: Jorj Bauer <jorj@seas.upenn.edu>
To: unisog@sans.org
Subject: dsniff
Message-ID: <20000626070715.A8764@blue.seas.upenn.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
Sender: owner-unisog@sans.org
Precedence: bulk
At this years' Usenix technical conference (last week), the author of the
dsniff package presented his work (along with an incredible list of
passwords that he had snarfed off of the wireless network there). I won't
bore anyone with details (which you can get, if memory serves, from
www.monkey.org/~dugsong/dsniff) -- the short of it is he has a program to
forge arp replies which basically means that switches are once again hubs
for sniffing purposes. I'm just wondering who (else) on this list is
relying on switch-based security for legacy protocols, and if so, what
potential solutions you're thinking of.
In my case, we're stepping up plans to remove legacy protocols (such as
telnet and ftp) from the network entirely. A very daunting task, to say
the least, but at least we had been discussing it before this arose.
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jorj Bauer | jorj@seas.upenn.edu
Systems Programmer / Network Specialist | 200 S. 33rd St.
School of Engineering and Applied Science | Moore Building, Room 164
University of Pennsylvania | Philadelphia, PA 19104
http://binky.seas.upenn.edu/~jorj | O: 215/898-0575 F: 215/898-1195
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
------- End of Forwarded Message
|
