We have been working very hard since 2009 to facilitate in your learning Read More. We can't keep up without your support. Donate Now.

www.bit.ly/vucodes

+ Link For Assignments, GDBs & Online Quizzes Solution

www.bit.ly/papersvu

+ Link For Past Papers, Solved MCQs, Short Notes & More


When you are on lan its very easy to sniff you traffic which can be using ARP poising in case of switch and even more easy in case of hub!!!!!!!!!

 

To prevent it use HTTPS instead of simple HTTP.....

Now What HTTPS does for us is that it encrypts our data between our pc and server all through.

By this way sniffers will only get you URL not username and password.

Because using HTTP, your username and password is sent flat on lan i mean it can be read very easily.

For example:

don't use : http://www.facebook.com/

USE: HTTPS://www.facebook.com

 

Not every site support HTTPS.

So what if not every site support HTTPS then what to do... Then search for free VPN service!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

If you are using FireFox then it has a plugin named "HTTPS every were" it will convert every http url to https if it is present.


To check if you are being arp poisoned use "arp -a"(Run>Cmd) it will show arp table to analysis it you must know MAC of you switch if it is change with other than original switch MAC then you had been victim of this vulnerability. 


+ http://bit.ly/vucodes (Link for Assignments, GDBs & Online Quizzes Solution)

+ http://bit.ly/papersvu (Link for Past Papers, Solved MCQs, Short Notes & More)

+ Click Here to Search (Looking For something at vustudents.ning.com?)

+ Click Here To Join (Our facebook study Group)


Views: 120

Comment

You need to be a member of Virtual University of Pakistan to add comments!

Join Virtual University of Pakistan

Comment by Abdul Qayyum on November 11, 2011 at 10:16pm

@ Muhammad Ammar.

Keeping in view the context and audience of your post, I safely conclude that the question relates to switch and not layer 2, 3 or higher layer devices or something of that sort. Of course, even a layer 2 switch if "managed", does have a mac address associated with it for SNMP, telnet and web-based management but thats not the point here. The point is... we commonly use least expensive "unmanaged" switches in our LANs. These switches do not provide any configuration/management interface and therefore, have no reason to have their own mac addresses.

if you do not agree with this, you should describe the procedure to determine the mac address of these common switches.

Comment by Muhammad Ammar on November 11, 2011 at 11:35am

@Qazi Wasim Shahbaz:...........You are well equipped with inof... My brother only Hubs don't have mac; only devices working on layer 2 and 3 (possibly above) have MAC address. yes it can be router also. And if attacker has spoofed his/her MAC then one need little more intelligence............

Comment by Abdul Qayyum on November 10, 2011 at 6:36pm

Https is around for the past 15 years or so, still many websites does not support it. Possible reasons are:

1. Https does not work with virtual hosts. Virtual hosts allow a Web host to serve many websites on a single physical server. In other words, with virtual hosts, a web host can host hundreds of websites over a single server having a single IP address.

2. Https does not support cache.

3. Web developers have to pay for secure certificates.

And now about the benefits, a VU student can derive from Https. Vulms does not have a trusted certificate and if you use try to log on vulms page with https prefix in its url, your browser displays a frightening warning message. Anyway, even if you choose to proceed, you never get the log in interface. Now what is that supposed to mean? Does it mean we are doomed or we just need alternate solutions to fight ARP poisoning and consequential man-in-the-middle attacks?

Well, VU student can benefit from https services of gmail. Here are the urls:

https://www.google.com/a/vu.edu.pk

https://mail.google.com/a/vu.edu.pk

Besides, large web services like yahoo, twitter etc. do have https support because they are immune to the above problems related with https.

Final words to the poster, what makes you think that a switch does have a mac address? I think you have mistakenly typed "switch" in the last line of your post, instead of "router".

Latest Activity

shifa arshad added a discussion to the group CS605 Software Engineering-II
50 minutes ago
shifa arshad joined +M.Tariq Malik's group
54 minutes ago
Profile Iconиαвєєℓ αнмє∂ and Ali Fahad joined +M.Tariq Malik's group
2 hours ago
shifa arshad replied to +M.Tariq Malik's discussion MGT502 Organizational Behavior GDB No 01 Fall 2020 Solution / Discussion in the group MGT502 Organizational Behavior
3 hours ago
shifa arshad joined +M.Tariq Malik's group
3 hours ago
+ !! SARAH replied to Hafiza Tehreem Fatima's discussion BIRTHDAY CELEBRATION OUR BELOVED <MEMBER SARAH ABDUL
4 hours ago
+ ᴄᴏғғᴇᴇ updated their profile
4 hours ago
Rizwan Mushtaq joined +M.Tariq Malik's group
4 hours ago
Arooj Shahid liked 乇メ-丂イひり3刀イ.'s discussion *** My Drawing ***
4 hours ago
Arooj Shahid liked 乇メ-丂イひり3刀イ.'s discussion *** الوداع اردو ***
4 hours ago
Arooj Shahid liked Miss. Churhail's discussion LOVE YOUR LIFE!!!!!
4 hours ago
Arooj Shahid liked Hafiza Tehreem Fatima's discussion BIRTHDAY CELEBRATION OUR BELOVED <MEMBER SARAH ABDUL
4 hours ago
Arooj Shahid liked Omar's discussion Dua
4 hours ago
+!!! ❤️ Shadow Girl❤️!!! liked 乇メ-丂イひり3刀イ.'s discussion *** الوداع اردو ***
5 hours ago
+!!! ❤️ Shadow Girl❤️!!! liked Hafiza Tehreem Fatima's discussion BIRTHDAY CELEBRATION OUR BELOVED <MEMBER SARAH ABDUL
5 hours ago
+M.Tariq Malik replied to +M.Tariq Malik's discussion MGT201 Financial Management GDB No 01 Fall 2020 Solution / Discussion in the group MGT201 Financial Management
5 hours ago
+M.Tariq Malik replied to +M.Tariq Malik's discussion MGT201 Financial Management GDB No 01 Fall 2020 Solution / Discussion in the group MGT201 Financial Management
5 hours ago
Profile IconSaba Shahzadi, waqar, Hammad Syed and 12 more joined Virtual University of Pakistan
5 hours ago
+M.Tariq Malik replied to +M.Tariq Malik's discussion ENG001 Elementary English GDB No 01 Fall 2020 Solution / Discussion Last Date: 04-12-2020 in the group ENG001 Elementary English
5 hours ago
Miss. Churhail liked Omar's discussion Dua
6 hours ago

© 2020   Created by +M.Tariq Malik.   Powered by

Promote Us  |  Report an Issue  |  Privacy Policy  |  Terms of Service

.