tag:blogger.com,1999:blog-4088979.post3887253048179025451..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: ARP Spoofing in Real LifeRichard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger12125tag:blogger.com,1999:blog-4088979.post-17719851104878991662009-06-16T06:49:49.989-04:002009-06-16T06:49:49.989-04:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-75862329392354824072007-10-05T09:42:00.000-04:002007-10-05T09:42:00.000-04:00Looks like there's another one to add to your list...Looks like there's another one to add to your list:<BR/>http://www.avertlabs.com/research/blog/index.php/2007/10/04/arp-spoofing-is-your-web-hosting-service-protected/Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-64604639531320372232007-07-09T06:03:00.000-04:002007-07-09T06:03:00.000-04:00This comment has been removed by a blog administrator.Gauravhttps://www.blogger.com/profile/10378803402722584639noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-74362320258999871392007-07-08T20:30:00.000-04:002007-07-08T20:30:00.000-04:00CG,I will probably post the traces to OpenPacket.o...CG,<BR/><BR/>I will probably post the traces to OpenPacket.org when the site is live.<BR/><BR/>Chuck,<BR/><BR/>I've considered video but the cost and time requirements are prohibitive.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-62468557100932843242007-07-08T15:21:00.000-04:002007-07-08T15:21:00.000-04:00There might be interest in video reproductions of ...There might be interest in video reproductions of your classes.<BR/><BR/>ChuckAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-83413813132521776862007-07-08T12:58:00.000-04:002007-07-08T12:58:00.000-04:00any chance of you releasing any of those network t...any chance of you releasing any of those network traces to the public since you wont be teaching the class anymore?CGhttps://www.blogger.com/profile/11061967917509053185noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-21678309313339993372007-07-06T20:19:00.000-04:002007-07-06T20:19:00.000-04:00Anonymous,I think a book on Sguil would be overkil...Anonymous,<BR/><BR/>I think a book on Sguil would be overkill. An ebook might work. However, I just don't have time for it now.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-62132586459797746992007-07-06T19:17:00.000-04:002007-07-06T19:17:00.000-04:00Richard, words can not express how sad I am that y...Richard, words can not express how sad I am that you apparently decided not to write a book on Sguil. I'm sure I'm not alone either, and I hope you end up changing your mind.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-79964917297417272272007-07-06T16:22:00.000-04:002007-07-06T16:22:00.000-04:00Awesome. Too bad it's so far away (end of 2008/be...Awesome. Too bad it's so far away (end of 2008/beginning of 2009).Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-3217160927619193062007-07-06T16:05:00.000-04:002007-07-06T16:05:00.000-04:00Hi Dave,I am considering writing a book called Hac...Hi Dave,<BR/><BR/>I am considering writing a book called <A HREF="http://www.taosecurity.com/books.html" REL="nofollow">Hacking TCP/IP Illustrated</A> covering these topics.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-5091137724292982852007-07-06T15:59:00.000-04:002007-07-06T15:59:00.000-04:00Hi Richard, Since it looks like you're no longer ...Hi Richard,<BR/> Since it looks like you're no longer going to be teaching "TCP/IP Weapons School", I was wondering if you had considered writing a book that covers the material found in the course. Unfortunately, I haven't been fortunate enough to attend any of your classes, but I'd definitely buy a book that covers this material. Just my $0.02 and good luck at GE.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-89820010284616017292007-07-06T12:07:00.000-04:002007-07-06T12:07:00.000-04:00If somebody combined AttackAPI with these Ettercap...If somebody combined AttackAPI with <A HREF="http://www.irongeek.com/i.php?page=security/ettercapfilter" REL="nofollow">these Ettercap filters</A> or airpwn, they could own the whole browser. The "XSS Attacks" book covers this.<BR/><BR/>The only way to stop that sort of attack for sure would be to run a browser with no support of Javascript (Javascript turned off, or using NoScript may not be enough) -or- to make sure that all your browser traffic is encrypted by an IPSec tunnel, SSL VPN, or very similar encrypted method.<BR/><BR/>I guess this would be a good reason to stress the use of IPSec or SSL VPN for all outgoing connections while using WiFi, and possibly even on the LAN. The Cisco DAI feature prevents MITM attacks such as arp poisoning, but only under the right other conditions and configuration/environmental settings.drehttps://www.blogger.com/profile/17414510788948258195noreply@blogger.com