On Sunday 25 March 2007 08:41, Jason Dixon wrote:
> On Mar 25, 2007, at 11:24 AM, bofh wrote:
> > On 3/25/07, Jason Dixon <[EMAIL PROTECTED]> wrote:
> >> Disabling DTP, which should be done anyways, will prevent VLAN
> >> hopping.  I'm not sure what "arp-based thing" you're referring to
> >> that wasn't fixed 5-6 years ago.  Perhaps you're referring to arp
> >> spoofing, which has nothing to do with VLANs.  Please clarify.
> >
> > My point was that there may be future vulnerabilities, and it may
> > be a good idea to keep that in mind for the original poster's
> > designs.
>
> There may also be future vulnerabilities in physical ethernet.  Guess
> you'd better unplug now!  ;-)
>

Future? -Nope. It's been already done.

http://www.wired.com/news/technology/0,70619-0.html
http://www.wired.com/news/technology/1,70908-0.html

Though the example is not formally "ethernet," physical access to the 
"tubes" still means you should consider yourself 0wnd.

But bofh is kinda right, arp-cache poisoning (possibly the "thing" he 
was talking about?) is really very interesting.

kind regards,
JCR

Reply via email to