On 03/01/2011 01:28 PM, Francisco Neira wrote: > On 03/01/2011 01:23 PM, Kelly Fitzgerald wrote: >> Masquerading is an attack done at the network layer. The masquerade >> attack is an attack where an attacker will try to access a computer >> pretending to have an authorized user identity such as a network >> administrator. >> >> On Tue, Mar 1, 2011 at 11:35 AM, dan (ddp) <[email protected]> wrote: >>> What are masquerading attacks? >>> >>> On Tue, Mar 1, 2011 at 10:44 AM, Kholidy <[email protected]> wrote: >>>> Is OSSEC discovering the Masquerading attacks? If yes how? Please, If >>>> possible send me a link to a document which explains this point. >>>> >>>> Thanks, >>>> Hesham >>>> >>> >> >> >> > > Perhaps this could help us. > http://cseweb.ucsd.edu/classes/sp07/cse291-d/presentations/gupta2.pdf >
If we are talking about the same, an analysis of the arpwatch output log will make it. HTH -- Francisco Neira Basso, ISO 27002 Seguridad de la Informacion ISACA No.565432, IEEE No.90934498 Usuario Linux # 165985 Defensoria del Pueblo
signature.asc
Description: OpenPGP digital signature
