Eavesdropping is simply reading the packets on the network meant for someone else. A MitM is an extension of that since you don't simply listen and read packets, you play a huge role in directing the traffic as well.
If you really WANTED to rewrite data in the payload of the packets and change what the endpoints see or don't see I don't see any reason why you couldn't. You would have to set up a proxy such as squid like you mentioned in order to do so but... without proxy software and capabilities, I still don't see how the computer that the attack originates from could be considered a proxy more so than a router. > DYM Wireshark :-) No, but that would have been funnier ;-P -----Original Message----- From: Tom Chiverton [mailto:[EMAIL PROTECTED] Sent: Thursday, October 05, 2006 4:24 AM To: CF-Talk Subject: Re: Break it down for n00bs: security problems of non-SSL intrane t? On Wednesday 04 October 2006 17:24, Bobby Hartsfield wrote: > You wouldnt inspect or rewrite anything more than a router would. All you > have to do is adjust the headers (just like the router does) for local > traffic then send the packets out the NIC that you are monitoring. > Ethereal, Ettercap or whatever monitor you are using reads the rest of the > packet. You are describing evesdropping, which isn't a MitM attack as such. > 'ettercap' is misspelled and wants to correct it with > 'Ethereal' DYM Wireshark :-) -- Tom Chiverton Helping to authoritatively scale magnetic e-markets **************************************************** This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:255635 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
