how to block MSN Sniffer

Protecting your Linux box

Postby mudasir » Sun Sep 02, 2007 1:00 am

AOA,

I know how to block it by using ISA server, have done it a long time ago..
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Case of Arp spoofing & MAC Spoofing!

Postby securitykid » Tue Oct 23, 2007 11:33 am

Hi Guys,

Sorry for jumping in!, a case is ARP Spoofing (ARP Poisoning) & MAC Spoofing, Solutions are there BUT depends on size of network & budget.

Just for an original requester information "Not just only the MSN & Yahoo conversations, if an attacker is extra smart(which I am doubt he is) can even launch DNS poisoning and redirect users to login to to forged MSN or YAHOO websites and steal a use full informations, He/she can get the passwords roving over the network in clear text (Which I know do in most LANs) & lot others... not good to define in such posts. (I use to do lot when I was curious geek :) )

-------Solutions / Workaround-----

Small & Low budget Networks:

There is no common defense against ARP spoofing when it comes to low budgets networks. Although there some workaround to limit the damage.

Try encouraging/force users to install desktop firewalls, there are some good firewalls which can detect the possible ARP Poisoning and MAC Spoofing when it occurs, and sometimes lock an attackers machine itself, IF he is not doing it intentionally, MAYBE a Trojan(who knows)

or If he is doing it intentionally doing it, hmmm let me remember there is an other way around to encounter.... by the way how do you detected an attacker? wait for my next post I might come up with some solutions also I will give you the links & downloads for such softwares if forum ADMIN allow me to do that (Dear ADMIN Asking your permission? I am new in linuxpakistan)

For Large or HIGH Budget networks

Managed switches are good solution proposed by one of my brother earlier.

There are lot others, if anyone interested, I will love to share

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=---=-=-=-=

So if admin allows me to post links I may give you workaround to limit the damage, by the way I remember in last that I use to kill other ARP Poisoning attacks so that I can remain wholly solly! and control over the network, (when I use to play with such hacking Techniques) ;), I would say not a hacking actually its is exploiting the limitations of Network and devices.

For me if you want to protect your network from such bullies users you have to become one of them by this at least you will protect your user privacy

Thanks

SecurityKID
Last edited by securitykid on Sun Nov 18, 2007 12:34 am, edited 1 time in total.
SecurityKID-ITdotCOM
Security Every Where! BUT where? :)
securitykid
Naik
 
Posts: 70
Joined: Sat Oct 20, 2007 5:18 am

Seems like no one interested :)

Postby securitykid » Wed Oct 24, 2007 11:06 am

I got an approval from admin,

BUT seems like no one interested :)

I didn't get any comments

Thanks

SecurityKID-ITdotCOM
Last edited by securitykid on Sun Nov 18, 2007 12:26 am, edited 1 time in total.
SecurityKID-ITdotCOM

Security Every Where! BUT where? :)
securitykid
Naik
 
Posts: 70
Joined: Sat Oct 20, 2007 5:18 am

Postby raheelahmad » Wed Oct 24, 2007 12:08 pm

Security is not cheap thats what I said in begning.. ne how gud to know from u as well ..
-
Raheel Ahmad
raheelahmad
Naik
 
Posts: 87
Joined: Tue Mar 06, 2007 4:58 am
WLM: ahmad.raheel@hotmail.com
Yahoo Messenger: ahmad.raheel@yahoo.com
Location: Karachi

Postby securitykid » Thu Nov 15, 2007 11:03 am

Guys,

I am researching on build a Linux Security box which will prevent / Limit ARP spoofing, MAC spoofing and other layer 2 limitation attacks.

Lets hope for you good news real soon

I'll keep you updated

Thanks
SecurityKID-ITdotCOM

Security Every Where! BUT where? :)
securitykid
Naik
 
Posts: 70
Joined: Sat Oct 20, 2007 5:18 am

Postby x2oxen » Thu Nov 15, 2007 3:31 pm

Hey KID you dont seemes to be a kid :-p waiting for your posts cause am also eager to secure my networkas get alot of attacks now a days!
Muhammad Usman
+92-321-6640501
Chemonics International
http://usmanpk.com
x2oxen
Major General
 
Posts: 1114
Joined: Wed Aug 22, 2007 3:17 pm
Website: http://usmanpk.com
WLM: x2oxen@hotmail.com
Yahoo Messenger: x2oxen
Location: Faisalabad

Postby securitykid » Thu Nov 15, 2007 4:19 pm

If its related to MSN Sniffing, wait in this topic...

other issues you can discuss in my other Topic

Thanks[/list]
SecurityKID-ITdotCOM

Security Every Where! BUT where? :)
securitykid
Naik
 
Posts: 70
Joined: Sat Oct 20, 2007 5:18 am


Return to “%s” Security

Who is online

Users browsing this forum: Google [Bot] and 1 guest