Date: Thu, 4 Feb 1999 12:52:54 +1100
From: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au>
To: robert+freebsd@cyrus.watson.org
Cc: security@FreeBSD.ORG
Subject: Re: tcpdump
Message-ID: <99Feb4.124301est.40344@border.alcanet.com.au>

Robert Watson <robert@cyrus.watson.org> wrote:
>Keep in mind also that ethernet-layer switching doesn't protect against
>IP-layer spoofing and sniffing.

In my experience, switches tend to leak packets anyway: On a switched
segment, I regularly see unicast packets intended for other ports - in
one test, I found around 2% of the packets were leakage. This is likely
to be highly variable depending on the particular switch, switch
firmware and network load. [I originally found this by accident, but
since then, I have checked a couple of different switches and firmware
versions with similar results each time.]

Basically, don't rely on a MAC-level switch to provide security. They
are generally designed to enhance performance (by getting unnecessary
traffic off the wire), rather than security.

Peter

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
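
Added example, not part of the original message: one way to measure the kind of leakage described above on your own switch port, by counting unicast frames in a promiscuous-mode capture that are neither to nor from the capturing host. It assumes a classic pcap file with Ethernet link type; the MAC addresses and the sample capture are constructed for illustration.

```python
import struct

LOCAL = bytes.fromhex("020000000001")   # constructed: MAC of the capturing host
PEER_A = bytes.fromhex("02000000000a")  # constructed: host on another switch port
PEER_B = bytes.fromhex("02000000000b")  # constructed: host on another switch port
BROADCAST = b"\xff" * 6
MULTICAST = bytes.fromhex("01005e000001")

def build_pcap(frames):
    """Pack raw Ethernet frames into a classic little-endian pcap byte string."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1: Ethernet
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return out

def iter_frames(pcap):
    """Yield each captured frame from a classic pcap byte string."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("not an Ethernet capture")
    offset = 24
    while offset + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[offset + 8:offset + 12])[0]
        yield pcap[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len

def leakage(pcap, local_mac):
    """Return (leaked, total): unicast frames neither to nor from local_mac."""
    leaked = total = 0
    for frame in iter_frames(pcap):
        if len(frame) < 14:          # shorter than an Ethernet header: skip
            continue
        total += 1
        dst, src = frame[0:6], frame[6:12]
        is_group = dst[0] & 0x01     # I/G bit set: broadcast or multicast
        if not is_group and dst != local_mac and src != local_mac:
            leaked += 1
    return leaked, total

def eth(dst, src):
    """Constructed minimal IPv4-typed Ethernet frame with a zero payload."""
    return dst + src + b"\x08\x00" + bytes(46)

SAMPLE = build_pcap([eth(LOCAL, PEER_A), eth(PEER_A, LOCAL), eth(BROADCAST, PEER_B),
                     eth(MULTICAST, PEER_B), eth(PEER_A, PEER_B)])

if __name__ == "__main__":
    leaked, total = leakage(SAMPLE, LOCAL)
    print(f"{leaked}/{total} frames were unicast for another port")
```

A switch floods frames for destination MACs it has not yet learned, so a small nonzero count right after link-up is expected; a count that persists under steady traffic is the leakage the message describes.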