[nflug] **Security Group**
vlok stone
vlokstone at yahoo.com
Fri Dec 23 08:33:36 EST 2005
I don't know if there's a definitive way to tell, but
looking for
a NIC in promicuous mode may help.
--- Tony Abou-Assaleh <taa at acm.org> wrote:
> > Here's a hypothetical situation...
> >
> > An ISP sets up shop and offers interent
> connections on private IP addresses.
> > They follow
> > a static IP Addressing scheme. They further use
> username and password
> > binding to the user MAC
> > for obvious reasons. Now, an ingenious user takes
> an IP from an active user
> > in the same subnet
> > (not currently active though or could even be
> active.)
> >
> > He changes MAC to reflect the chosen user and
> emulates him. In full control
> > of the system, he
> > performs active and passive reconnaissance.
> >
> > Is there a definitive way of finding out the
> person in question??
>
> This is one of the issues that IPSec should be able
> to solve. As a
> reminder, IPSec can be deployed with IPv4, but
> requires support on both
> ends.
>
> Cheers,
>
> TAA
>
>
-----------------------------------------------------
> Tony Abou-Assaleh
> Lecturer, Computer Science Department
> Brock University, St. Catharines, ON, Canada, L2S
> 3A1
> Office: MC J215
> Tel: +1(905)688-5550 ext. 5243
> Fax: +1(905)688-3255
> Email: taa at acm.org
> WWW: http://www.cosc.brocku.ca/~taa/
> ----------------------[THE
> END]----------------------
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>
First they ignore you, then they laugh at you, then they fight you, then you win
- Mohandas Gandhi
__________________________________________
Yahoo! DSL Something to write home about.
Just $16.99/mo. or less.
dsl.yahoo.com
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug
More information about the nflug
mailing list