Layer 2 security is still important | Static in the Ether

Static in the Ether header image 2

Social Networking
Tags

Annoyances Apache ASN BibTex blog Books conferences Dapper DNS exploit FireFox 3 firewall FreeBSD Google Hacking Hardy Hilbert Curve InetVis Internet JabRef Linux LyX Malware Networking Network Telescope PhD research RFC Security Security Tools spam Squid Tenet Ubuntu Uncategorized Unix Upgrade uptime VizSec Vizualization web 2.0 Windows wordpress x509 XP
Bookshelf
Planned books:
- Hacking Exposed Wireless (Hacking Exposed) by Johnny Cache
- Applied Security Visualization by Raffael Marty
- Real Digital Forensics by Keith J./ Bejtlich, Richard/ Rose, Curtis W. Jones
- Visual Data Mining: Techniques and Tools for Data Visualization and Mining by Tom Soukup
Current books:
- Pro DNS and BIND by Ron Aitchison
- A Handbook of Statistical Analyses Using R by Brian S. Everitt
- Applied Regression Including Computing and Graphics (Wiley Series in Probability and Statistics) by R. Dennis Cook
Recent books:
- Security Metrics: Replacing Fear, Uncertainty, and Doubt by Andrew Jaquith
- Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems by Chris Sanders
- Apache: Inside the Cockpit of the World’s Most Deadly Fighting Machine by Ed Macy
- Forensics by Zakaria Erzinclioglu
- Virtual Honeypots: From Botnet Tracking to Intrusion Detection by Niels Provos
View full Library
Recent Infosec Bookmarks
Count per Day
- 26428Total visitors:
← New Hilbert Release Migrating URLs with apache and mod_rewrite →

Layer 2 security is still important

June 4th, 2008 · 1 Comment

Richard Bejtlich posted a few days ago about the ‘hack’ on the Metasploit webserver as reported by SunBelt. What is interesting is that the actual website wasnt compromised, but rather another system on the same VLAN at the hosting provider which then performed some ARP spoofing magic against the gateway, in effect redirecting traffic to itself.

Richard mentions some other recent hacks which can be attributed to the same technique. If you can control layer 2 why play around at layer 7? This is something that I probably need to emphasize in my upcoming Infosec course next semester.

Tags: Incidents · Security
1 response so far ↓
- 1 2 Static » Blog Archive » Layer 2 security is still important // Jun 6, 2008 at 01:54
  
  [...] Layer 2 security is still important Richard mentions some other recent hacks which can be attributed to the same technique. If you can control layer 2 why play around at layer 7? This is something that I probably need to emphasize in my upcoming Infosec course next … [...]
Leave a Comment

Name

Mail

Website
- Popular Posts
- Twitter: barryirwin
  
  Into the final session at #satnac. Suffering a bit of gastronomic overload :-) 11:22:41 AM September 08, 2010 from web
  
  Talk done for #satnac now I can relax and enjoy the other research presentations 12:31:28 PM September 07, 2010 from web
  
  trying to discuss #cuda architecture stuff with minion in prep for talk at #satnac - lack of coffee is making my head hurt. Oh no a Sigma.. 12:31:26 PM September 06, 2010 from web
  
  Again Africa premier telecoms conf and no free wifi #satnac 08:53:23 AM September 06, 2010 from Twitter for BlackBerry®
- Visitors
- Disclaimer
  
  This blog and its contents are in no way affiliated with, or endorsed by my employer
- Blogroll
- SecurityFocus News
- Tip of the Day
- Top Malware via clamav
© 2006–2007 Static in the Ether — Sitemap — Cutline by Chris Pearson