TUCoPS :: Network Appliances :: sniffing.txt

Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R


Users inside corporate network (LAN) are able to sniff
administrator's
password by means of ARP poisoning.

To avoid this problem we tried to hardcode administrator's MAC
address
inside firewall's configuratión;

But this was not the solution, as there was possible to perform the
attack under this scenario too.

Is there any way to stop this arp-poisoning attacks against the
firewall?
Our goal is to provide security not only for attacks comming from
Internet,
but also for attacks comming from corporate's internal network (LAN).

We already contacted Symantec's Support but we got no solution from
them.

======================================================================
==
Juan de la Fuente [jfc@robota.net]
Robota Seguridad (http://www.robota.net)
Area de Consultoria.
Tl:913095106
- ----------------------------------------------------------------------
- --
PGP Key ID: 0X42EBD3A2
PGP Key available at: http://www.robota.net/pgp/jfc.asc
======================================================================
==


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH