Date: Wed, 20 Dec 2000 15:27:41 +0300 From: "Artem Koutchine" <matrix@ipform.ru> To: "Jonas Luster" <JonasL@webex.com>, <security@FreeBSD.ORG>, <questions@FreeBSD.ORG> Subject: Re: What anti-sniffer measures do i have? Message-ID: <006501c06a80$42ec1460$0c00a8c0@ipform.ru> References: <15418A8C5748D411B03A0050DA649E55DB6E75@mailserv2.webex.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello again! Well, i am depressed now :( The issue is even worse than i thought at first. So, SHOUD I upgrade to switches? Will they REALLY help? Or should i build a simple FreeBSD router for each branch of the tree with a buch of ethernet cards. For example. In a room with 8 computers i will install a Pentium MMX with 8 PCI slots and 8 network cards and route pure IP, no MAC addresing (i don't need ipx rounter or anything, just ip). Is there relatively cheap switches wich do the same? Is it even a solution? ----- Original Message ----- From: "Jonas Luster" <JonasL@webex.com> To: <security@FreeBSD.ORG>; <questions@FreeBSD.ORG> Sent: Wednesday, December 20, 2000 1:37 AM Subject: RE: What anti-sniffer measures do i have? > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > I believe most switches are Layer 2 which is MAC based. You would > have to > > know the MAC address of the computer you want to intercept traffic > for, and > > then your switch would have to give you the packets instead of > erroring out > > and or dropping the packets because you can't have two of the same > MAC > > addresses on the network. > > Well, there's MAC/ARP-proxying which allows pretty sophisticated > maninthemiddles and quite a few of the more common switches fall > back into Hub-Mode when you flood them with bogus ARP-entries. > dsniff (ports/security) facilitates those attacks. > > Switches aren't much more secure than hubs, it's more a design- and > speed-issue than a security-thingie to have 'em in your network. > > jonas > > -----BEGIN PGP SIGNATURE----- > Version: PGP Personal Privacy 6.0.2 > > iQA/AwUBOj/jZKM1+GU4JoikEQJuKQCgotacqdAo08/IIw+jnVfbTdgiRQEAn0vI > te4VUx1muy/U6kTluCTvX8oB > =vxQF > -----END PGP SIGNATURE----- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?006501c06a80$42ec1460$0c00a8c0>