View Full Version : Asynchronous Transfer mode --

06-02-2006, 07:29 AM
Lets reason out various flaws in ATM with reference to TCP/IP......

I will start up with spoofing. Interested posters can add on various other flaws to it..

In this network, attacker can establish a direct ATM connection to that host whenever the ATM address of a server is known. The attacker can register with the IP address of a trusted host by sending a carefully crafted `InATMARP-Reply' message over this connection. After successful registration, spoofed IP packets can be sent over this connection. Moreover, due to the ``ATMARP-Cache poisoning'', the attacked server will send reply packets back to the attacker on the same ATM connection.

Common guys, make this topic interesting...

06-09-2006, 03:11 AM
I don't know the specifics of ATM, I understand it as a technology but haven't studied it extensively.

What you describe here sounds similar, if not exactly the same as ARP Poisoning which in very simple terms is the name for a particular vulnerability in Ethernet technology (for a fantastic explaination, visit here (http://www.grc.com/nat/arp.htm)).

Anywho, ATM itself being a telco-adopted WAN technology is not used in any particularly 'public' settings (by which I mean it's not quite as adopted as a technology such as DSL) and is controlled on both ends by administrators who should understand the connection more completely than an end user of a DSL connection understands how their bandwidth is being delivered. Also, a connection such as ATM should be have it's administration-enabled area be physically secured, as well as being secured logically by layers and layers of routers.

Getting past all that, that exploit sounds particularly nasty in the same way that ARP Poisoning does, it's an unfortunate reflection of our current society that when these technologies were being designed authentication was not required to be thought about and is now being taken advantage of.

It is however relieving to both see technologies like encryption, which nullify the effects of any kind of spoofing or man-in-the-middle attacks and new technologies emerging on layers 2 and 3 that require authentication for connectivity.