ARP poisoning etc (was: mixed system backups)

Richard Cottrill richard_c at
Thu Jan 3 22:55:19 EST 2002

I'm aware of ARP poisoning as an attack (and using arpwatch to counter) on a
switched network; but what are other ways to redirect traffic on a switched



Damien's prophetic words:
>"Alfred" <alfred at> writes:
>> Unless you use one of the many possible hacks to redirect the data past a
>> compromised machine :) (its pretty trivial to do and hard to counter).
>> > If you have switches or secure hubs then only the two endpoints of a
>> > connection see that traffic.
>yeah, AFAIK even on a switch you can spoof ARP packets and do a man in the
>middle attack. it's not a trivial process compared to a standard exploit,
>it's not impossible and there are tools out there that can help you with

More information about the linux mailing list