[Snort-devel] Man in the middle attacks

Dominick, David David.Dominick at ...540...
Mon Nov 19 12:43:04 EST 2001


Has anybody found an efficient way of detecting man in the middle attacks
that utilize flaws in ARP caching/ One attack in particular, Etercap,
poisons the arp cache of the target machine. I know that sniffing for arp
warnings would be ridiculous, so does anybody have any suggestions?

Thank you,
David Dominick
Enterprise Security Engineering
404-202-2848




More information about the Snort-devel mailing list