Many of my friends do not understand how switch data gets hijacked. What I wrote before was too cumbersome, and I got confused myself. In normal forwarding, outgoing packets travel to the router along the yellow line. A switch keeps a binding between each MAC address and a port. As we all know, the gateway's MAC is learned on the trunk switch, so the trunk switch knows which port packets should be forwarded to in order to be routed.
To steal data from other users, the attacker (hack in the figure) must tell every switch that the port corresponding to the gateway's MAC is on the attacker's side. The switch is then dumb enough to forward all of that data to the hack port.
Using broadcast packets is troublesome: it puts a lot of pressure on the network and is hard to hide. So it matters which specific host the packets are sent to, because that choice decides whether all the data in the network can be intercepted. We can call that host a zombie here.
In the figure, hack attacks the switches (red lines) by sending packets to key hosts under the master switch. This affects all switches. The target of the attack is the gateway's MAC: in plain terms, it tells the switch, "I am the gateway's egress." All data destined for the gateway's MAC address then goes to the port of hack's switch. As the green line shows, all data sent to the gateway is forwarded to the hack port.
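The learning behaviour described above can be modelled in a few lines, which also shows what a defender can watch for. The following is an added example, not code from the original post: a toy learning switch run once without protection and once with the gateway's MAC pinned to its uplink port. The MAC addresses, port numbers and EtherTypes are constructed sample values, and the class and function names are hypothetical.

```python
from collections import namedtuple

# Constructed sample values: MAC addresses, port numbers and EtherTypes are made up.
Frame = namedtuple("Frame", "port src dst ethertype")
GATEWAY = "00:00:5e:00:53:01"   # gateway MAC (documentation range)
HOST = "00:00:5e:00:53:0a"      # an ordinary user
UPLINK = 24                     # port that really leads to the gateway

class LearningSwitch:
    """Toy model of source-MAC learning, with optional MAC-to-port pinning."""
    def __init__(self, pinned=None):
        self.cam = {}                 # MAC -> port, learned from source addresses
        self.pinned = pinned or {}    # MAC -> only port allowed to source it
        self.alerts = []

    def receive(self, f):
        """Learn f.src, then return the egress port for f.dst (None = flood/drop)."""
        allowed = self.pinned.get(f.src)
        if allowed is not None and f.port != allowed:
            # Pinned MAC seen on the wrong port: record it and drop the frame
            # without touching the table. The EtherType plays no part here.
            self.alerts.append((f.src, allowed, f.port, hex(f.ethertype)))
            return None
        old = self.cam.get(f.src)
        if old is not None and old != f.port:
            self.alerts.append((f.src, old, f.port, hex(f.ethertype)))  # MAC move
        self.cam[f.src] = f.port
        return self.cam.get(f.dst)

TRAFFIC = [
    Frame(UPLINK, GATEWAY, HOST, 0x0800),   # real gateway talks, learned on 24
    Frame(3, HOST, GATEWAY, 0x0800),        # user -> gateway
    Frame(7, GATEWAY, HOST, 0x88B5),        # frame on port 7 claiming the gateway MAC
    Frame(3, HOST, GATEWAY, 0x0800),        # user -> gateway again
]

def run(switch):
    """Feed the constructed traffic; return egress ports of the user's two frames."""
    out = [switch.receive(f) for f in TRAFFIC]
    return out[1], out[3]

if __name__ == "__main__":
    plain = LearningSwitch()
    pinned = LearningSwitch(pinned={GATEWAY: UPLINK})
    print("no pinning:", run(plain), plain.alerts)
    print("pinned    :", run(pinned), pinned.alerts)
```

Without pinning, the user's second frame leaves on port 7 instead of the uplink; with the gateway MAC pinned, it still leaves on port 24. In both runs the gateway MAC appearing on a second port is recorded, whatever EtherType the frame carried.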
At this point, what can hack do? Hey hey, a lot of things: steal and analyze your plaintext passwords, check the use of Thunder in the network, and so on. Recently, a buddy put out a tool, ssclone, and he analyzed the data to get people's mailboxes. Unfortunately, I didn't test it successfully. I don't know if it works. You will have to try it again.
What protocol is used?
Whatever you like. With a non-TCP/IP protocol, firewalls cannot intercept the traffic. Previously, antiswitch was a tough task. We can define 65535 protocol types, so whoever is capturing packets will be exhausted.
Because current technology cannot detect this very well, please do not misuse it to cause damage, hey. What damage can it do? Hey, packet loss, theft, and so on. Enough to make the network administrator depressed.