Date: Fri, 5 Jan 2001 21:03:11 +0300 From: "Artem Koutchine" <matrix@ipform.ru> To: "Odhiambo Washington" <wash@iconnect.co.ke> Cc: <questions@FreeBSD.ORG>, <security@FreeBSD.ORG> Subject: Re: Building a local network on switches (ANTISNIFFER measures) Message-ID: <000b01c07741$c85272c0$0c00a8c0@ipform.ru> References: <001101c07727$b7040de0$0c00a8c0@ipform.ru> <20010105185756.A73265@poeza.iconnect.co.ke>
next in thread | previous in thread | raw e-mail | index | archive | help
Somebody said, that there is way to fool but floodding it with weird arpa entries and the switch will fall back into hub mode. I wonder if it is true for all hubs and if I can use non SNMP controllable hub. SNMP controillable ones ARE WAY TOO EXPENSIVE, about 500$ per piece, and i need to substitute 8 hubs, that's at least 4000$. Unreal. So, will i be fine with that CNET CNSH 800 siwtching hub or security costs more? Regards, Artem ----- Original Message ----- From: "Odhiambo Washington" <wash@iconnect.co.ke> To: "Artem Koutchine" <matrix@ipform.ru> Sent: Friday, January 05, 2001 6:57 PM Subject: Re: Building a local network on switches (ANTISNIFFER measures) > * Artem Koutchine <matrix@ipform.ru> [20010105 17:57]: writing on the subject 'Building a local network on switches (ANTISNIFFER measures)' > Artem> Hello! > Artem> > Artem> We have a sniffer problem in our quite distributed network, because it is > Artem> built using hubs. We trying to replace them with switches and as an > Artem> experiment got outselves a CNET PowerSwitch CNSH-800 switching hub. > Artem> However, it does not have any kind of programmatic control and learnes MAC > Artem> addresses itself. I wonder if it is the right thing to use? Could its > Artem> security be > > I am not sure if it is a security loophole. > > Artem> compromised? How (is MAC address spooffing possilble?)? If this switch is > Artem> not the right thing, then which switch is (for reasonable price)? > > I know MAC address spoofing is possible but again how does someone start > guessing a MAC address if they are outside your net? > > Artem> > Artem> Regards, > Artem> Artem Koutchine > Artem> > Artem> > Artem> > Artem> > Artem> To Unsubscribe: send mail to majordomo@FreeBSD.org > Artem> with "unsubscribe freebsd-questions" in the body of the message > > -Wash > > -- > Odhiambo Washington Inter-Connect Ltd., > wash@iconnect.co.ke 5th Flr Furaha Plaza > Tel: 254 11 222604 Nkrumah Rd., > Fax: 254 11 222636 PO Box 83613 MOMBASA, KE. > > To live a pure unselfish life, one must count nothing as one's own in the > midst of abundance. -Buddha > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000b01c07741$c85272c0$0c00a8c0>