Problems? See this thread at archive.org.
Since it is so easy to do, say on a corporate scale, how can an admin protect their network from nat poisoning? I know using vlans to segment the network and secure off different areas of the place would help, but what if say joe the accounting intern on the accounting network nat poisoned another computer in there which allowed him to receive information or passwords from another computer on the accounting vlan? I can not see any way to protect this? And also, is the only way to detect it is being done to a specific computer by doing a tracert to that computer, right?
-
The one thing i was thinking of is if a script could be written to auto tracert a packet to every host and then compare it against the known good connection path. And if different raise a flag. Is any of this possible on router level without using a script?
I know there are a few networking guys here
How to protect against ARP poisoning?
Discussion in 'Networking and Wireless' started by nizzy1115, Jan 15, 2009.
