[27553] in bugtraq
Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R
daemon@ATHENA.MIT.EDU (Juan de la Fuente Costa)
Tue Oct 22 12:11:19 2002
From: Juan de la Fuente Costa <jfc@robota.net>
Message-ID: <005701c279ab$c8bc5730$040110ac@mephisto>
To: <bugtraq@securityfocus.com>
Date: Tue, 22 Oct 2002 11:16:58 +0200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Users inside corporate network (LAN) are able to sniff
administrator's
password by means of ARP poisoning.
To avoid this problem we tried to hardcode administrator's MAC
address
inside firewall's configuratión;
But this was not the solution, as there was possible to perform the
attack under this scenario too.
Is there any way to stop this arp-poisoning attacks against the
firewall?
Our goal is to provide security not only for attacks comming from
Internet,
but also for attacks comming from corporate's internal network (LAN).
We already contacted Symantec's Support but we got no solution from
them.
======================================================================
==
Juan de la Fuente [jfc@robota.net]
Robota Seguridad (http://www.robota.net)
Area de Consultoria.
Tl:913095106
- ----------------------------------------------------------------------
- --
PGP Key ID: 0X42EBD3A2
PGP Key available at: http://www.robota.net/pgp/jfc.asc
======================================================================
==
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBPbUJNR3ZkSFC69OiEQJuOwCeNBmSpgYP4Ou+QA0JhNaudT1CYSkAn3Yd
5961yXGrS/neyxEuc/l+rq++
=2fP9
-----END PGP SIGNATURE-----
