From owner-freebsd-security Fri Aug 20 13:19:28 1999 Delivered-To: freebsd-security@freebsd.org Received: from toaster.sun4c.net (toaster.sun4c.net [63.193.27.6]) by hub.freebsd.org (Postfix) with ESMTP id 8078E14EE7 for ; Fri, 20 Aug 1999 13:19:25 -0700 (PDT) (envelope-from andre@toaster.sun4c.net) Received: (from andre@localhost) by toaster.sun4c.net (8.9.3/8.9.3) id NAA20101; Fri, 20 Aug 1999 13:37:00 -0700 (PDT) Date: Fri, 20 Aug 1999 13:36:59 -0700 From: Andre Gironda To: Joel Maslak Cc: freebsd-security@freebsd.org Subject: Re: Switches & Security Message-ID: <19990820133659.B19220@toaster.sun4c.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95i In-Reply-To: ; from Joel Maslak on Fri, Aug 20, 1999 at 02:06:02PM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org you can't rely on switches for security. this is fairly well-known. i've yet to see much analysis or documentation on this, however. here are a few links for the curious: http://www.securityfocus.com/templates/archive.pike?list=1&date=1998-10-08&thread=Pine.OSF.4.03.9810122112070.6019-100000@gcinfo.gc.maricopa.edu most of the attacks known have to do with either filling up forwarding tables or "leakage" of traffic. there are other, more dangerous attacks that involve the actual protocols themselves (via ieee 802). not to mention attacks on ipv4, arp, icmp, etc. traffic can be SNIFFED. encrypt and authenticate all your traffic if you want it to be safe. researching vpn's and ipsec is step one. dre On Fri, Aug 20, 1999 at 02:06:02PM -0600, Joel Maslak wrote: > > To compromize a network consisting of a switched backbone... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message