test 92778

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Content-Type: text/plain;      charset="iso-8859-1"

Content-Type: text/html;      charset="iso-8859-1"

<BODY contentEditable=3Dtrue>
<P>&nbsp;Address Resolution Protocol (ARP), because of its simpleness, fastness, and effectiveness, is becoming increasingly popular among internet ra=
ggers, thus causing severe influence to the internet environment. <BR>ARP s=
poofing, also known as ARP poisoning or ARP Poison Routing (APR), is a tech=
nique used to attack an Ethernet wired or wireless network which may allow =
an attacker to sniff data frames on a local area network (LAN), modify the =
traffic, or stop the traffic altogether (known as a denial of service attac=
k). The attack can obviously only happen on networks that indeed make use o=
f ARP and not another method. </P>

<P>First, let me introduce you the tools I use are Ax3soft Sax2, there are many such tools, such as Sniffer, Snort, Ethereal, etc, I do not think that=
 the Sax2 is the best tool, I just think that Sax2 is easy-to-use, it can q=
uickly and accurately locate ARP source when ARP attack happens to the netw=
ork, so as to ensure normal and reliable network operation.</P>

<P>Solution:<BR>First, launch sax2 and switch to the Diagnosis View.<BR>Diagnosis View is the most direct and effective place to locate ARP attack and=
 should be our first choice. Its interface is displayed as picture1.</P>

<P>&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (picture1)</P>

<P>Picture 1 definitely points out that there are two kinds of ARP attack event, ARP Scan and ARP MAC address changed, in the network, and the attack =
source is clearly given at the bottom. Meanwhile, Sax2 NIDS will provide re=
asons of such ARP attacks and corresponding solutions.</P></BODY></HTML><br=

Quoted text here. Click to load it

Site Timeline