Network Security – Arp spoofing series
I think I’ve wrapped up the series on arp spoofing and it’s implications for network security. I know there’s nothing earth shattering here, most network security types are well aware of the problems (and perhaps aware of more sophisticated solutions?). For some though, this series is likely an eye opener as there are myths that switches cannot be sniffed, that ONLY wireless data packets can be sniffed, etc. etc.
I’ve not given clear details on the software or specifics of arp spoofing in part because I don’t want to be writing a “how to hack” guide. The information is freely available as are the tools. They can be used to audit your own network security or they can be used offensively. I (and it should be noted most of the authors of the mentioned tools), would prefer these tools not be misused. If you’re interested in this, learn against your own network, use these tools to learn how you are vulnerable and how to take countermeasures to protect your network.
The bottom line on arp poisoning is to be clear on where your “unsecure” network access points are and farm those “unsecure” network ports to seperate subnets. It reminds me of my college when I was in school, there were a lot of ethernet ports everywhere, they had just gone through retrofits of the buildings. I wonder now how many of those ports were live and whether there was any caution of subnetting these network access ports seperate from the faculty office network ports?
Another solution would be, if you have network ports in publicly available areas, simply disconnect them from the switch until needed. Of course, these days wireless is more of a threat in this sense. Be careful about how you deploy wireless, especially if it’s open access for public use, be careful to seperate it from your “safe” network. As I’ve mentioned several times, the kinds of attacks I mentioned are VERY easy to pull off and are largely unnoticable. To drive the point home, with wireless the arp spoofer doesn’t need to be in the same building, but could be a few houses or buildings away.
Popularity: 1% [?]
Related Posts - Network security - how safe is your network? Looking at ARP A while back I did a network security series and one of the points that I mentioned was that it's important to know what is normal for your network. In other words, what machines are NORMALLY connected, what services are normally running, etc. Well, I'm about to start a serious......
- Network Security guide for the home or small business network - Part 16 - Learn about the enemy I remember I had a geography teacher once that was a former Marine and he said when he was growing up it was the height of the cold war and geography was interesting to him from a "know your enemy" point of view. That's a good concept to apply to......
- Network Security guide for the home or small business network - Part 19 - What about when you're not on your home network? When you're not at your home network is probably one of those times you should be more on your guard. Wireless access points are very common and a greatly useful thing, but there are some steps you should take to protect yourself, your pc and the data stored there. First......
Related Websites - Wireless Broadband Internet-whether It Is LAN Or WAN Service-is Associated Having A Wireless broadband Internet-whether it is LAN or WAN service-is associated having a number of diverse myths. These typically center on security and need to do with anxiety about how info is transmitted over a wireless connection and, furthermore, need to do with concerns about eavesdropping, in several cases. You will......
- The Wireshark Certification Exam The Wireshark Certified Network Analyst Exam is NOW AVAILABLE ! The Exam is available globally in a proctored format through Kryterion. Currently the Exam is only available in English. The Wireshark Certification Exam was designed to confirm individual competencies in using Wireshark to locate the cause of network problems (poor performance or security-related)......
- Lorex Security Solutions LOREX is a global leader in video security camera solutions offering exceptional performance with a wide range of products including security cameras, wireless security cameras, ip cameras (network security cameras), security dvrs, observation systems and other complete security systems. LOREX solutions are easy to setup and features plug and......
Similar Posts
- Network security – what does arp spoofing mean for wireless?
- Network Security – how should an open wireless access point be run beside a safe network?
- Good wireless security post
- Network Security – Defenses against arp spoofing
- Wiring