Tuesday, October 19, 2010

How to add a static entry in the ARP table




On a switched LAN it is still possible to capture traffic with sniffers and get the same results as if the network were connected through a hub. Attacks such as ARP poisoning are effective when the system allows the MAC address of the default gateway to be changed dynamically.

Put another way, on a switched network our traffic can be sniffed without difficulty if we have not set a static entry for the default gateway.

Depending on the operating system, this can be done in the following ways:

In Windows 2008, Vista & 7:
netsh interface ipv4 add neighbors "Local Area Connection" 1.1.1.1 de-ad-be-ef-de-ad

In Windows 2000, XP & 2003:
arp -s 1.1.1.1 de-ad-be-ef-de-ad 

For MacOS X:
arp -S 1.1.1.1 de:ad:be:ef:de:ad

On Linux Systems:
arp -s 1.1.1.1 de:ad:be:ef:de:ad

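One way to automate this from a startup script might be:
# default gateway IP, matched exactly on the destination column
gw=$(route -n | awk '$1 == "0.0.0.0" {print $2; exit}')
# MAC currently cached for that IP (incomplete entries are skipped)
mac=$(arp -n | awk -v gw="$gw" '$1 == gw && $2 == "ether" {print $3; exit}')
[ -n "$mac" ] && arp -s "$gw" "$mac"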

For Solaris:
arp -s 1.1.1.1 de:ad:be:ef:de:ad permanent
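
The Linux startup snippet pins whatever MAC is in the cache at boot, so it is worth checking afterwards that the gateway entry is both permanent and equal to a MAC recorded from a trusted source. The following is an added example, not part of the original post; the function names and the sample `route -n` / `arp -n` text are constructed, and the output format assumed is that of net-tools.

```shell
#!/bin/sh
# Added example: audit whether the default gateway's ARP entry is pinned.
# Parses text in the format printed by net-tools `route -n` and `arp -n`.

# default_gw: read `route -n` output on stdin, print the default gateway IP.
default_gw() {
    awk '$1 == "0.0.0.0" && $4 ~ /G/ { print $2; exit }'
}

# gw_arp_state GW EXPECTED_MAC: read `arp -n` output on stdin and print
#   pinned    entry is permanent (M flag) and matches EXPECTED_MAC
#   dynamic   MAC matches, but ARP replies can still overwrite the entry
#   mismatch  cached MAC differs from EXPECTED_MAC (possible poisoning)
#   missing   no complete entry for GW
gw_arp_state() {
    awk -v gw="$1" -v want="$(printf '%s' "$2" | tr 'A-F' 'a-f')" '
        $1 == gw && $2 == "ether" {
            found = 1
            if (tolower($3) != want) print "mismatch"
            else if ($4 ~ /M/)       print "pinned"
            else                     print "dynamic"
            exit
        }
        END { if (!found) print "missing" }'
}

# Constructed sample output (not captured from a real host).
SAMPLE_ROUTE='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0'
SAMPLE_ARP='Address          HWtype  HWaddress           Flags Mask  Iface
192.168.1.1      ether   de:ad:be:ef:de:ad   C           eth0
192.168.1.10     ether   00:11:22:33:44:55   C           eth0'

gw=$(printf '%s\n' "$SAMPLE_ROUTE" | default_gw)
echo "gateway $gw: $(printf '%s\n' "$SAMPLE_ARP" | gw_arp_state "$gw" de:ad:be:ef:de:ad)"
```

On a live host, pipe the real `route -n` and `arp -n` output into the two functions instead of the sample variables.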


Source: http://www.securitybydefault.com/2010/10/como-anadir-una-entrada-estatica-en-la.html

thanks!!!
