Network Security – Arp spoofing series

I think I’ve wrapped up the series on arp spoofing and it’s implications for network security. I know there’s nothing earth shattering here, most network security types are well aware of the problems (and perhaps aware of more sophisticated solutions?). For some though, this series is likely an eye opener as there are myths that switches cannot be sniffed, that ONLY wireless data packets can be sniffed, etc. etc.

I’ve not given clear details on the software or specifics of arp spoofing in part because I don’t want to be writing a “how to hack” guide. The information is freely available as are the tools. They can be used to audit your own network security or they can be used offensively. I (and it should be noted most of the authors of the mentioned tools), would prefer these tools not be misused. If you’re interested in this, learn against your own network, use these tools to learn how you are vulnerable and how to take countermeasures to protect your network.

The bottom line on arp poisoning is to be clear on where your “unsecure” network access points are and farm those “unsecure” network ports to seperate subnets. It reminds me of my college when I was in school, there were a lot of ethernet ports everywhere, they had just gone through retrofits of the buildings. I wonder now how many of those ports were live and whether there was any caution of subnetting these network access ports seperate from the faculty office network ports?

Another solution would be, if you have network ports in publicly available areas, simply disconnect them from the switch until needed. Of course, these days wireless is more of a threat in this sense. Be careful about how you deploy wireless, especially if it’s open access for public use, be careful to seperate it from your “safe” network. As I’ve mentioned several times, the kinds of attacks I mentioned are VERY easy to pull off and are largely unnoticable. To drive the point home, with wireless the arp spoofer doesn’t need to be in the same building, but could be a few houses or buildings away.

Related Posts

Blog Traffic Exchange Related Posts Blog Traffic Exchange Related Websites
  • Wireless Broadband Internet-whether It Is LAN Or WAN Service-is Associated Having A Wireless broadband Internet-whether it is LAN or WAN service-is associated having a number of diverse myths. These typically center on security and need to do with anxiety about how info is transmitted over a wireless connection and, furthermore, need to do with concerns about eavesdropping, in several cases. You will......
  • Lorex Security Solutions LOREX is a global leader in video security camera solutions offering exceptional performance with a wide range of products including security cameras, wireless security cameras, ip cameras (network security cameras), security dvrs, observation systems and other complete security systems. LOREX solutions are easy to setup and features plug and......
  • Why I Love Pilates and 10 Reasons Why You Should Start Too About 5 years ago, I decided to try Pilates. I had heard it was great for core strength, posture, and toning so figured it was worth checking out. Well, I can say confidently that I love pilates and that I wouldn't give it up for anything. Not only have I......    Send article as PDF   

Similar Posts

See what happened this day in history from either BBC Wikipedia
Amazon Logo

Comments are closed.

Switch to our mobile site