OSEC

From: Chris St. Clair (chris_stclairHOTMAIL.COM)
Date: Sun Feb 04 2001 - 14:10:16 CST


    >skill and knowledge in the security arena. Some people say you
    >cannot spoof a switched network, I beg the difference. I appreciate

    Who says this? The internet by its very nature is switched, and
    people have been spoofing on it for humpteen (sp?) years.

    > Can someone inside a switched NT network spoof a host to get
    >unauthorized access to resources. How easy or hard is it?

    Well, that depends. Is access to the resource based on what IP
    the client system has? Does NT even offer this as an option? I'm
    not much of an NT guy anymore; maybe they thought this was better
    than broadcasting the poorly encrypted LM hash?

    At any rate, I'm really not quite sure what your question means.
    Do you mean, could someone who has another system on the same
    switch as your NT network spoof another client system to gain
    access to a resource protected by an IP-based ACL? If that is
    what you mean, I guess in theory it's possible you could DoS
    the legitimate client system until it died, and then bring your
    system up with the needed IP address.

    > Can someone outside the switched NT network spoof a host to
    > get unauthorized access. How can they do this?

    Again, not quite sure what you mean. Do you mean someone who is
    at least one router hop away from your switched segment? If so:
    DoS, sequence number prediction, source routing.

    > Can an individual inside or outside the switched NT network
    > hijack a session to get into resources

    Actual session hijacking would be difficult without being on
    the same segment. But I guess, why would you want to hijack
    the session when you could just brute force your way into the
    resource?

    > What tools would the culprit use?

    Probably a lot of things they wrote themselves :> , or any number
    of available tools. I would start with www.google.com

    > Can the individual spoof the host using SYN flooding, sending
    > spoofed ARP replies, MAC flooding / MAC spoofing / MAC duplication.

    I'm sure any number of those techniques might or might not work.

    However, I notice you keep referring to the network in question
    as a "switched NT network" as if this fact might offer some added
    security. Is it safe to assume this segment is comprised of NT systems
    interconnected via a switch?

    I think the key here is to understand that whether they're on a network
    that is switched ethernet, a hub, FDDI or token ring, connected via
    crossover cables, or dial-on-demand modems, if they're connected to the
    internet with little or no access control, someone can, and will, break
    into them.

    -chris
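An added example, not part of the original question or of Chris's reply: the "spoofed ARP replies" the poster asks about are the usual way to redirect traffic on a switched segment, since a switch forwards by MAC address and hosts learn IP-to-MAC bindings from whatever ARP replies they hear. The code below builds a raw Ethernet/ARP reply frame (standard RFC 826 layout, Python standard library only), parses it back, and runs an arpwatch-style check that flags an IP address whose MAC changes, which is the defender-side caveat: poisoning works against a plain switch, but it is loud and detectable. All MAC and IP addresses are constructed sample values; nothing is sent on the wire.

```python
"""Forge an ARP reply frame and detect the IP->MAC conflict it causes.

Added example; the addresses and frames below are constructed, not captured.
"""
import socket
import struct

ETH_TYPE_ARP = 0x0806
ARP_HTYPE_ETHERNET = 1
ARP_PTYPE_IPV4 = 0x0800
ARP_OP_REQUEST = 1
ARP_OP_REPLY = 2
ARP_FRAME_LEN = 14 + 28  # Ethernet header + ARP payload for IPv4 over Ethernet


def mac_bytes(mac: str) -> bytes:
    """'aa:bb:cc:dd:ee:ff' -> 6 raw bytes."""
    parts = mac.split(":")
    if len(parts) != 6:
        raise ValueError(f"bad MAC: {mac}")
    return bytes(int(p, 16) for p in parts)


def mac_str(raw: bytes) -> str:
    """6 raw bytes -> 'aa:bb:cc:dd:ee:ff'."""
    return ":".join(f"{b:02x}" for b in raw)


def build_arp_reply(sender_mac: str, sender_ip: str,
                    target_mac: str, target_ip: str) -> bytes:
    """Build an Ethernet frame carrying an ARP reply 'sender_ip is at sender_mac'.

    A spoofed reply simply puts the victim's IP in sender_ip and the
    attacker's hardware address in sender_mac; the frame format is identical
    to a legitimate reply, which is why the receiving host cannot tell.
    """
    eth_hdr = mac_bytes(target_mac) + mac_bytes(sender_mac) + struct.pack("!H", ETH_TYPE_ARP)
    arp_hdr = struct.pack("!HHBBH", ARP_HTYPE_ETHERNET, ARP_PTYPE_IPV4, 6, 4, ARP_OP_REPLY)
    arp_body = (mac_bytes(sender_mac) + socket.inet_aton(sender_ip)
                + mac_bytes(target_mac) + socket.inet_aton(target_ip))
    return eth_hdr + arp_hdr + arp_body


def parse_arp(frame: bytes):
    """Decode an Ethernet/ARP frame; return None for non-ARP frames."""
    if len(frame) < ARP_FRAME_LEN:
        raise ValueError("frame too short for Ethernet+ARP")
    (eth_type,) = struct.unpack("!H", frame[12:14])
    if eth_type != ETH_TYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (ARP_HTYPE_ETHERNET, ARP_PTYPE_IPV4, 6, 4):
        raise ValueError("unsupported ARP hardware/protocol type")
    return {
        "oper": oper,
        "sender_mac": mac_str(frame[22:28]),
        "sender_ip": socket.inet_ntoa(frame[28:32]),
        "target_mac": mac_str(frame[32:38]),
        "target_ip": socket.inet_ntoa(frame[38:42]),
    }


class ArpWatcher:
    """Track IP->MAC bindings seen in ARP traffic and flag changes.

    This is the arpwatch idea: a poisoning attack must assert a binding
    that differs from the one the segment already uses, so the conflict
    itself is the detection signal.
    """

    def __init__(self):
        self.bindings = {}   # ip -> mac currently believed
        self.alerts = []     # (ip, old_mac, new_mac)

    def observe(self, frame: bytes):
        info = parse_arp(frame)
        if info is None:
            return None
        ip, mac = info["sender_ip"], info["sender_mac"]
        previous = self.bindings.get(ip)
        if previous is not None and previous != mac:
            self.alerts.append((ip, previous, mac))
        self.bindings[ip] = mac
        return info


def demo():
    """Legitimate reply for 10.0.0.5, then a forged one claiming the same IP."""
    watcher = ArpWatcher()
    # Constructed: real host 10.0.0.5 answers the gateway 10.0.0.1.
    watcher.observe(build_arp_reply("aa:bb:cc:dd:ee:01", "10.0.0.5",
                                    "aa:bb:cc:dd:ee:02", "10.0.0.1"))
    # Constructed: attacker at de:ad:be:ef:00:01 claims to be 10.0.0.5.
    watcher.observe(build_arp_reply("de:ad:be:ef:00:01", "10.0.0.5",
                                    "aa:bb:cc:dd:ee:02", "10.0.0.1"))
    return watcher.alerts


if __name__ == "__main__":
    for ip, old, new in demo():
        print(f"ALERT: {ip} moved from {old} to {new}")
```

Run it and the second frame produces one alert. The frame builder shows why "switched" is no defence by itself: the forged reply is byte-for-byte a valid ARP reply, and the switch will happily deliver it. Static ARP entries, dynamic ARP inspection on the switch, or a watcher like the one above are what actually raise the bar.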