Date: Fri, 20 Aug 1999 13:36:59 -0700 From: Andre Gironda <andre@sun4c.net> To: Joel Maslak <jmaslak@updatesystems.com> Cc: freebsd-security@freebsd.org Subject: Re: Switches & Security Message-ID: <19990820133659.B19220@toaster.sun4c.net> In-Reply-To: <Pine.LNX.4.10.9908201358560.1547-100000@unix.updatesystems.com>; from Joel Maslak on Fri, Aug 20, 1999 at 02:06:02PM -0600 References: <Pine.LNX.4.10.9908201358560.1547-100000@unix.updatesystems.com>
next in thread | previous in thread | raw e-mail | index | archive | help
you can't rely on switches for security. this is fairly well-known. i've yet to see much analysis or documentation on this, however. here are a few links for the curious: http://www.securityfocus.com/templates/archive.pike?list=1&date=1998-10-08&thread=Pine.OSF.4.03.9810122112070.6019-100000@gcinfo.gc.maricopa.edu most of the attacks known have to do with either filling up forwarding tables or "leakage" of traffic. there are other, more dangerous attacks that involve the actual protocols themselves (via ieee 802). not to mention attacks on ipv4, arp, icmp, etc. traffic can be SNIFFED. encrypt and authenticate all your traffic if you want it to be safe. researching vpn's and ipsec is step one. dre On Fri, Aug 20, 1999 at 02:06:02PM -0600, Joel Maslak wrote: > > To compromize a network consisting of a switched backbone... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990820133659.B19220>