From: Dotzero (dotzero@gmail.com)
Date: Wed Dec 12 2007 - 16:23:52 EST
On 12/11/07, James Bensley <jwbensley@gmail.com> wrote:
> I too have performed MITM attacks on my network with Cain & Able. Also
> having grabbed a few HTTP and FTP passwords seeing that it was
> successful I now need to secure my self against these attacks but how
> can I do this? Would static MAC mappings in my hosts files do the
> trick?
>
> Thanks for your time
> Bensley.
>
The first step is to use port lockdown on your switches. I've had
mixed success in locking down the host side of things depending on the
platform. You can always run something like arpwatch to at least
monitor the network and log for MAC address changes.
My next question would be, what http and ftp passwords are crossing
your network? If they aren't important, get rid of them. If they are
important than use SSL for web and use SCP or SFTP for your file
transfers.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:15 EDT