Le mar 16/07/2002 à 12:37, alaric@alaricsecurity.com a écrit : > If you decided to participate, please include all information about the > switch(es) you tested (e.g. manufacture, model, managed or unmanaged, how many > ports, firmware/OS version, etc.). Please also include what you tested for > - ARP spoofing, MAC flooding, MAC duplicating, or the like - and what the > results were. All switches are "sniffable" if you use ARP cache poisoning tools such as arpspoof from dsniff package or arp-sk. And sniffing is the little part of the problem, as you can do far more than simply look what's going on. Just see http://www.arp-sk.org/ which is a excerpt from an article written for a french security magazine. -- Cédric Blancher Consultant sécurité systèmes et réseaux - Cartel Sécurité Tél: 01 44 06 97 87 - Fax: 01 44 06 97 99 PGP KeyID:157E98EE FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE
