[nycphp-talk] Basic security question
John Lacey
jlacey at att.net
Wed Jul 14 16:22:55 EDT 2004
Mitch Pirtle wrote:
>
> The swiss-army knife of scanners seems to be NMAP, with Nessus good
> for purty reports and ethereal for snooping. My favorite is ettercap,
> an evil tool that enables you to poison a switch, therefore seeing the
> rest of the traffic on that segment (that you weren't supposed to
> see). I got a great security story about that if anyone is interested
> off-line. ;)
hmmm... if you can "convert" the switch port to be a monitor port,
assuming it's not running VLANs or in full duplex mode... I'm familiar
with poisoning a RIP route, but haven't heard that term applies to a
switched segment.
btw, if anyone wants a swiss army knife of security tools:
http://www.edmunds-enterprises.com/linux/cart.php/ba/pdtl/product/225
and the home:
http://knoppix-std.org/
John
More information about the talk
mailing list