
    RE: DH-CHAP



    
    >> For most switched environments this attack is possible, though for
    >> some switched networks (with some special intelligent configurations,
    >> e.g., if the switch will not broadcast the traffic of the initiator to the
    >> attacker's side... however, this configuration is seldom used; a
    >> switch is not supposed to be as smart as a router in the Internet),
    >> this attack will not work.
    >
    >??? That's exactly what a switch does. If the ethernet packet is not an
    >ethernet broadcast packet, and the switch knows which port the MAC is on
    >(i.e. the MAC of the router), the packet will go out only the port for the
    >MAC.
    
    But the switch has to broadcast again on the outgoing port, right?
    That port is not solely reserved for the target device. What I want
    to clarify here is that the target device is not generally the only device
    on the Ethernet connected to the outgoing port of the switch.
    All devices on that Ethernet could hear and play the attack.
    
    >See above; with a switch, the broadcast-everything property goes away.
    >That's the point of a switch.
    
    If that is the case, you have a trusted line between the target and
    initiator, so why not just send the password in the clear? The line
    is dedicated and trusted; even passive attacks are impossible.
    
    Yongge
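
    The two positions in the exchange above (a switch forwards a unicast frame out only the port where it learned the destination MAC, versus: that port may lead to a shared segment where other stations still hear it) can be made concrete with a small model of a learning switch. This is an added example for this archive page, not code from the thread or from any DH-CHAP implementation; the station names, MAC strings, port numbers and payload labels are constructed assumptions used only to show who receives each frame.

```python
"""Toy model of the switched-Ethernet argument in the message above.

Added example; not code from the thread or from any DH-CHAP implementation.
All MAC addresses, port numbers and payload strings are constructed.
"""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed MAC addresses for the stations in the scenario.
INITIATOR = "02:00:00:00:00:01"
TARGET = "02:00:00:00:00:02"
ATTACKER = "02:00:00:00:00:03"   # shares the target's segment via a hub
BYSTANDER = "02:00:00:00:00:04"  # alone on its own switch port


@dataclass(frozen=True)
class Frame:
    src: str
    dst: str
    payload: str


class Hub:
    """A shared Ethernet segment: every attached station hears every frame."""

    def __init__(self, stations):
        self.stations = tuple(stations)


class LearningSwitch:
    """Forwards by a learned MAC table; floods what it does not know."""

    def __init__(self, ports):
        # port -> either a single station MAC or a Hub holding several
        self.ports = dict(ports)
        self.mac_table = {}  # MAC -> port it was last seen on

    def stations_on(self, port):
        seg = self.ports[port]
        return list(seg.stations) if isinstance(seg, Hub) else [seg]

    def forward(self, in_port, frame):
        """Return the stations that receive `frame`, after learning its source."""
        self.mac_table[frame.src] = in_port
        if frame.dst == BROADCAST or frame.dst not in self.mac_table:
            out_ports = [p for p in self.ports if p != in_port]   # flood
        else:
            out_ports = [self.mac_table[frame.dst]]             # unicast
        # A frame is never sent back out the port it arrived on.
        out_ports = [p for p in out_ports if p != in_port]
        heard = []
        for p in out_ports:
            heard.extend(self.stations_on(p))
        return heard


def run_scenario():
    """Initiator alone on port 1, target and attacker sharing port 2 through a
    hub, a bystander alone on port 3. Returns which stations hear each frame."""
    sw = LearningSwitch({1: INITIATOR, 2: Hub([TARGET, ATTACKER]), 3: BYSTANDER})
    result = {}
    # 1. Before the switch has seen the target, the first frame is flooded
    #    to every other port, so even the bystander hears it.
    result["first_unknown_dst"] = sw.forward(1, Frame(INITIATOR, TARGET, "challenge"))
    # 2. The target's reply teaches the switch that TARGET lives on port 2.
    result["reply"] = sw.forward(2, Frame(TARGET, INITIATOR, "response"))
    # 3. Now the unicast goes only to port 2 (Bill's point), but the hub on
    #    that port delivers it to the attacker as well (Yongge's point);
    #    the bystander on port 3 no longer sees it.
    result["learned_dst"] = sw.forward(1, Frame(INITIATOR, TARGET, "next message"))
    return result


if __name__ == "__main__":
    for step, stations in run_scenario().items():
        print(f"{step:18s} heard by: {', '.join(stations)}")
```

    The model deliberately ignores what real switches add on top of this (MAC table ageing, port security, VLANs, and the fact that an attacker can often force flooding by overflowing or poisoning the table), which is why the thread's "trusted line" conclusion should be read as a reductio rather than a design recommendation.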
    

    • Follow-Ups:
      • RE: DH-CHAP
        • From: Paul Koning <ni1d@arrl.net>
      • Re: DH-CHAP
        • From: Jonathan Stone <jonathan@dsg.stanford.edu>
      • RE: DH-CHAP
        • From: Bill Studenmund <wrstuden@wasabisystems.com>
    • References:
      • RE: DH-CHAP
        • From: Bill Studenmund <wrstuden@wasabisystems.com>


Last updated: Mon Apr 15 15:18:22 2002