Date: Sat, 21 Aug 1999 05:22:50 GMT
From: mike@sentex.net (Mike Tancsa)
To: jmaslak@updatesystems.com (Joel Maslak)
Cc: freebsd-security@freebsd.org
Subject: Re: Switches & Security
Message-ID: <37be3727.351980871@mail.sentex.net>
In-Reply-To: <MAILPine.LNX.4.10.9908201358560.1547-100000@unix.updatesystems.com>
References: <MAILPine.LNX.4.10.9908201358560.1547-100000@unix.updatesystems.com>

On 20 Aug 1999 16:07:48 -0400, in sentex.lists.freebsd.misc you wrote:

>
>To compromise a network consisting of a switched backbone...
>Internet ---- R ----+
>                    |
>            A -- SWITCH -- B
>
>Let's say B got compromised.
>
>What B has to do is send ARP broadcasts out, claiming that it is actually
>R. Now, it knows R's REAL ethernet address.
>--- That was method 1. ---

On the Catalysts, you can nail down the ARP address statically and have it
ignore any other MAC addresses that would leak out.

>
>There are MANY ways to invalidate the ARP cache of a switch. Some
>crash the switch.

Even if it's hard coded in the switch not to allow any other MAC addresses
out?

---Mike
Mike Tancsa (mdtancsa@sentex.net)
Sentex Communications Corp,
Waterloo, Ontario, Canada
"Who is this 'BSD', and why should we free him?"

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
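
Added example, not part of the original message: a passive check for the ARP claim described in the quoted text, flagging any ARP packet that binds the router's IP to a MAC other than the statically pinned one. The addresses, the `PINNED` table and all function names are constructed for this illustration.

```python
import struct

# Constructed binding (assumption): router R's IP -> the MAC it is pinned to.
PINNED = {"192.0.2.1": "00:00:5e:00:53:01"}

def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_arp(frame):
    """Return (eth_src, op, sender_mac, sender_ip) for Ethernet/IPv4 ARP, else None."""
    if len(frame) < 42:                      # 14-byte Ethernet + 28-byte ARP
        return None
    if struct.unpack("!H", frame[12:14])[0] != 0x0806:
        return None                          # not ARP
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None                          # not Ethernet/IPv4 ARP
    sender_ip = ".".join(str(x) for x in frame[28:32])
    return mac_str(frame[6:12]), op, mac_str(frame[22:28]), sender_ip

def check_frame(frame, pinned=PINNED):
    """Return alert strings for one captured frame (empty list if clean)."""
    parsed = parse_arp(frame)
    if parsed is None:
        return []
    eth_src, _op, sha, spa = parsed
    alerts = []
    if eth_src != sha:
        # Ethernet source and ARP sender hardware address should agree.
        alerts.append(f"eth-src {eth_src} != arp-sender {sha}")
    want = pinned.get(spa)
    if want is not None and sha != want:
        # Someone other than the pinned MAC claims a protected IP.
        alerts.append(f"{spa} claimed by {sha}, pinned to {want}")
    return alerts

def sample_frame(eth_src, sha, spa, op=2):
    """Build constructed capture bytes for testing; nothing is sent."""
    mac = lambda s: bytes(int(x, 16) for x in s.split(":"))
    ip = bytes(int(x) for x in spa.split("."))
    eth = b"\xff" * 6 + mac(eth_src) + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return eth + arp + mac(sha) + ip + b"\x00" * 6 + ip
```
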