[nsp-sec] How to hijack traffic for an entire Content/Ad Company - ARP Poisoning revisited - 8800.org / 6600.org badness
Chris Morrow
morrowc at ops-netman.net
Thu Mar 27 11:15:07 EDT 2008
On Thu, 27 Mar 2008, Seth Hall wrote:
> ----------- nsp-security Confidential --------
>
>
> On Mar 27, 2008, at 10:32 AM, Lawrence Baldwin wrote:
>>
>> Who needs Adware...let's hack the content servers themselves and
>> take ALL
>> the traffic...sweeeet.
>
>
> Thanks for that write up! We've seen a couple of instances of these
> layer-2 tricks on our network, stemming from the laptops of Asian grad
> students (the laptops were compromised). What you described is what
> we've really been worrying about, seeing these same tricks on server
> networks and I'm slightly more nervous now that it is actually
> happening.
so.. port-security is a solved problem for datacenters no?? Also, Barry
should chime in here with some more/other direct experience... Barry??
>
> Here's a tool I ran across while I was investigating one of those
> incidents:
> ZXARPS: http://www.teamfurry.com/wordpress/2007/08/29/zxarps/
More information about the nsp-security
mailing list