Tilted Forum Project Discussion Community - View Single Post

Dilbert1234567 · 12-03-2006, 01:12 PM

There are a few attack vectors, but they are extremely difficult, the one I am most familiar with is a variation on the man in the middle attack.

First, poison the arp table and control all the traffic. Then pretend to be all parties required for the transaction, including every party that handles the encryption certificates. (The hard part). Record all traffic and take what you want. You don’t actually need access to the internals of the network, just a client. arp poisoning is easy, but the certificates is hard, and well out of reach for nearly everyone.

You are relatively safe, but not completely. I’ve mentioned this before, but I’ll say it again, if you are on a wired connection, with a part of the network is unencrypted wireless, you are not secure, and anyone can view all of your internal traffic, wired and wireless.

12-03-2006, 01:12 PM	#10 (permalink)
Dilbert1234567 Devils Cabana Boy Location: Central Coast CA	There are a few attack vectors, but they are extremely difficult, the one I am most familiar with is a variation on the man in the middle attack. First, poison the arp table and control all the traffic. Then pretend to be all parties required for the transaction, including every party that handles the encryption certificates. (The hard part). Record all traffic and take what you want. You don’t actually need access to the internals of the network, just a client. arp poisoning is easy, but the certificates is hard, and well out of reach for nearly everyone. You are relatively safe, but not completely. I’ve mentioned this before, but I’ll say it again, if you are on a wired connection, with a part of the network is unencrypted wireless, you are not secure, and anyone can view all of your internal traffic, wired and wireless. __________________ Donate Blood! "Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen