From owner-freebsd-security Fri Jan 5 18:16:31 2001 From owner-freebsd-security@FreeBSD.ORG Fri Jan 5 18:16:25 2001 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from faith.cs.utah.edu (faith.cs.utah.edu [155.99.198.108]) by hub.freebsd.org (Postfix) with ESMTP id D572937B404; Fri, 5 Jan 2001 18:16:20 -0800 (PST) Received: (from danderse@localhost) by faith.cs.utah.edu (8.9.3/8.9.3) id TAA23840; Fri, 5 Jan 2001 19:16:14 -0700 (MST) Message-Id: <200101060216.TAA23840@faith.cs.utah.edu> Subject: Re: Antisniffer measures (digest of posts) To: res03db2@gte.net (Robert Clark) Date: Fri, 5 Jan 2001 19:16:14 -0700 (MST) Cc: JHowie@msn.com (John Howie), res03db2@gte.net (Robert Clark), matrix@ipform.ru (Artem Koutchine), security@FreeBSD.ORG, questions@FreeBSD.ORG In-Reply-To: <20010105181136.B17723@darkstar.gte.net> from "Robert Clark" at Jan 05, 2001 06:11:36 PM From: "David G. Andersen" X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: danderse@cs.utah.edu Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Yes to token ring, yes to FDDI. If the medium supports broadcast, the odds are good it supports some kind of sniffing, though it may take more or less work to access it depending on your hardware. I must say, though, that this is heading down the wrong line of questions, IMHO. Trying to find a network technology where the NICs are harder to throw into promiscuous mode is like building a glass outhouse and then trying to find nearsighted neighbors. If you want half measures, buy some cheap switches and go for it. If you want more than half measures, you can try the hardcoded MAC + mac security on the switches approach. If you want real security, use end-to-end encryption of some form. -Dave Lo and behold, Robert Clark once said: > > > > I know that ring networks see the traffic as it goes around, > I was more interested in whether the respective NIC chipsets > allow for permiscous mode. > > I seem to remember that its not a given that all network > type hardware allows sniffing. > > FDDI? > > [RC] > > > On Fri, Jan 05, 2001 at 03:56:16PM -0800, John Howie wrote: > > > > ----- Original Message ----- > > From: "Robert Clark" > > To: "Artem Koutchine" > > Cc: ; > > Sent: Friday, January 05, 2001 3:46 PM > > Subject: Re: Antisniffer measures (digest of posts) > > > > > > > I wonder if token ring suffers from this problem? 100VG? > > > > Token Ring is worst of all - all data must pass through every node on the > > ring. Token Bus is no more secure. 100VG offers no better protection than > > most switchable hubs. > > > > john... > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- work: dga@lcs.mit.edu me: dga@pobox.com MIT Laboratory for Computer Science http://www.angio.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message