Layer 2 security is still important

Richard Bejtlich posted a few days ago about the ‘hack’ on the Metasploit webserver as reported by SunBelt. What is interesting is that the actual website wasnt compromised, but rather another system on the same VLAN at the hosting provider which then performed some ARP spoofing magic against the gateway, in effect redirecting traffic to itself.

Richard mentions some other recent hacks which can be attributed to the same technique. If you can control layer 2 why play around at layer 7? This is something that I probably need to emphasize in my upcoming Infosec course next semester.

Share this post: Share this post with the world.

Tags: Hacking

This entry was posted on Wednesday, June 4th, 2008 at 3:46 pm and is filed under Incidents, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Layer 2 security is still important”

2 Static » Blog Archive » Layer 2 security is still important Says:
June 6th, 2008 at 1:54 am
[...] Layer 2 security is still important Richard mentions some other recent hacks which can be attributed to the same technique. If you can control layer 2 why play around at layer 7? This is something that I probably need to emphasize in my upcoming Infosec course next … [...]

Static in the Ether

Layer 2 security is still important

One Response to “Layer 2 security is still important”

Leave a Reply