[f-nsp] mac address forging !
Niels Bakker
niels=foundry-nsp at bakker.net
Sun Nov 28 19:51:24 EST 2004
* mraptor at gmail.com (iVAN G) [Sat 27 Nov 2004, 00:00 CET]:
> Yes I thought about this, but this only protect for authenticating the
> correct user once it is auth the user can modify the IP address with
> whatever it wants i.e forge the address.
IP address, not MAC address as you said in the subject of your mails.
IP is one layer above where the switch operates. Look at the router.
Right now I know of no workable "secure arp" implementation, you'll
probably want to look at IPsec and force all traffic to be properly
encrypted and authenticated.
> i.e. it will be able to present himself like different user.
> How do u protect from this ?
Best of luck securing your end stations against malware designed to
steal your users' certificates
-- Niels.
--
More information about the foundry-nsp
mailing list