Network Security – Arp spoofing series

I think I’ve wrapped up the series on arp spoofing and it’s implications for network security. I know there’s nothing earth shattering here, most network security types are well aware of the problems (and perhaps aware of more sophisticated solutions?). For some though, this series is likely an eye opener as there are myths that switches cannot be sniffed, that ONLY wireless data packets can be sniffed, etc. etc.

I’ve not given clear details on the software or specifics of arp spoofing in part because I don’t want to be writing a “how to hack” guide. The information is freely available as are the tools. They can be used to audit your own network security or they can be used offensively. I (and it should be noted most of the authors of the mentioned tools), would prefer these tools not be misused. If you’re interested in this, learn against your own network, use these tools to learn how you are vulnerable and how to take countermeasures to protect your network.

The bottom line on arp poisoning is to be clear on where your “unsecure” network access points are and farm those “unsecure” network ports to seperate subnets. It reminds me of my college when I was in school, there were a lot of ethernet ports everywhere, they had just gone through retrofits of the buildings. I wonder now how many of those ports were live and whether there was any caution of subnetting these network access ports seperate from the faculty office network ports?

Another solution would be, if you have network ports in publicly available areas, simply disconnect them from the switch until needed. Of course, these days wireless is more of a threat in this sense. Be careful about how you deploy wireless, especially if it’s open access for public use, be careful to seperate it from your “safe” network. As I’ve mentioned several times, the kinds of attacks I mentioned are VERY easy to pull off and are largely unnoticable. To drive the point home, with wireless the arp spoofer doesn’t need to be in the same building, but could be a few houses or buildings away.

Related Posts

Blog Traffic Exchange Related Posts Blog Traffic Exchange Related Websites
  • Must Have Garden Tools It is the tools that make the garden in many cases. Having the right tools for your country garden landscape is vitally important if you want to get the most out of your plants. Some of these tools simply cannot be lived without when it comes to gardening on your......
  • Feb Edition of Hackin9 - Network Security Another exciting edition of Hackin9 is out and you can download it here.  Information about this edition is located below: ·  Wuala – Secure Online Storage There are a lot of online storage/backup solutions available nowadays and it is hard to find differences between them, but I think Wuala from......
  • Wireless Broadband Internet-whether It Is LAN Or WAN Service-is Associated Having A Wireless broadband Internet-whether it is LAN or WAN service-is associated having a number of diverse myths. These typically center on security and need to do with anxiety about how info is transmitted over a wireless connection and, furthermore, need to do with concerns about eavesdropping, in several cases. You will......    Send article as PDF   

Similar Posts

See what happened this day in history from either BBC Wikipedia
Amazon Logo

Comments are closed.

Switch to our mobile site