RE: DH-CHAP

On Sun, 14 Apr 2002, Yongge Wang wrote:

> >In your example, is this attack only possible in a HUBed environment?
> >Would it still be as easy in a Switched only environment?
>
> John,
> For most Switched environment, this attack is possible though for
> some switched network (with some special intelligent configurations,
> e.g., if the switch will not broadcast the traffic of initiator to the
> attacker's side... however, this configuration is seldom used...
> switch is not supposed to be as smart as a router in Internet),
> this attack will not work.

??? That's exactly what a switch does. If the ethernet packet is not an ethernet broadcast packet, and the switch knows which port the MAC is on (i.e. the MAC of the router), the packet will go out only the port for the MAC.

While there is an attack mode which puts switches into hub mode (you send way too many new MAC addresses), it is a very noticeable DoS attack.

> The only requirement for the attack to work is that the
> attacker's network card could "see" the request from the initiator.
> For most networks, the attacker could see this due to the low-level
> broadcast property of Ethernet.

See above; with a switch, the broadcast-everything property goes away. That's the point of a switch.

Take care,
Bill
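Added example, not part of the original message: a toy Python model of the learning-switch behaviour described in the reply above, showing that a unicast frame to a learned MAC leaves on one port only, and that a full MAC table brings back flooding while tripping a per-port new-MAC counter. The port numbers, MAC addresses, table size and alert threshold are constructed assumptions, not values from the thread.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
HOST = "02:aa:00:00:00:01"    # constructed: initiator on port 1
ROUTER = "02:aa:00:00:00:02"  # constructed: router on port 2


class LearningSwitch:
    """Toy Ethernet learning switch with a bounded MAC table."""

    def __init__(self, ports, table_size=8, new_mac_limit=3):
        self.ports = list(ports)
        self.table_size = table_size        # assumed table capacity
        self.new_mac_limit = new_mac_limit  # assumed per-port alert threshold
        self.table = {}                     # MAC -> port it was learned on
        self.seen = {p: set() for p in self.ports}
        self.alerts = []                    # ports that exceeded the threshold

    def receive(self, in_port, src, dst):
        """Process one frame and return the ports it is sent out of."""
        self.seen[in_port].add(src)
        if len(self.seen[in_port]) > self.new_mac_limit and in_port not in self.alerts:
            self.alerts.append(in_port)     # many source MACs on one port
        if src not in self.table and len(self.table) < self.table_size:
            self.table[src] = in_port       # learn only while there is room
        if dst != BROADCAST and dst in self.table:
            return [self.table[dst]]        # known unicast: one port only
        return [p for p in self.ports if p != in_port]  # flood


def normal_case():
    sw = LearningSwitch([1, 2, 3])
    sw.receive(2, ROUTER, BROADCAST)        # router is learned on port 2
    return sw.receive(1, HOST, ROUTER), sw.alerts


def full_table_case():
    sw = LearningSwitch([1, 2, 3], table_size=8)
    for i in range(8):                      # port 3 fills the table first
        sw.receive(3, "02:00:00:00:00:%02x" % i, BROADCAST)
    sw.receive(2, ROUTER, BROADCAST)        # no room left: router not learned
    return sw.receive(1, HOST, ROUTER), sw.alerts


if __name__ == "__main__":
    print("normal    :", normal_case())
    print("table full:", full_table_case())
```

The per-port counter is the same signal that a port-security style limit on learned MAC addresses acts on.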