ARP Vulnerabilities - Indefensible Local Network Attacks

Intro
Overview
ARP Message Formats
ARP Request Message
ARP Reply Message
Unsolicited ARP Reply
Types of Attack
Sniffing on a Hub
Switch Sniffing
Host to Host Exploit
Host to Router Exploit
Relay Configuration Attacker
Relay Configuration (cont.)
Sniffing Comments
Session Hijacking/MiM
Denial of Service
DOS MAC Entries Attacker
Web Surfing
Network-based IDS
Hostile Users
Switch Attacks (cont.)
Network "Bombs"
Operating Systems
Not Vulnerable
Firewalls
Session Encryption
Strong Authentication
Port Security (Cont.)
Hard Coding Addresses
Hard Coding Results
Countermeasure Summary
IDS Architecture Issues
OS Level Detection
Hypothetical Detection Application
Public Domain Tools
Bibliography
Demo Environment