[86898] in North American Network Operators' Group
Re: Wifi Security
daemon@ATHENA.MIT.EDU (Randy Bush)
Mon Nov 21 14:11:45 2005
From: Randy Bush <randy@psg.com>
Date: Mon, 21 Nov 2005 09:11:13 -1000
To: Niels Bakker <niels=nanog@bakker.net>
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
> As others pointed out (to me as well), for a _man in the middle_ attack
> (e.g. impersonating www.paypal.com) it is necessary to play ARP games or
> otherwise insert yourself in the flow of traffic.
not really. you just need to be there first with a bogus, redirecting,
dns response.
randy
