Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 29 Jul 1997 12:52:38 -0400 (EDT)
From:      Christopher Petrilli <petrilli@amber.org>
To:        Warner Losh <imp@village.org>
Cc:        Robert Watson <robert@cyrus.watson.org>, security@FreeBSD.ORG
Subject:   Re: Detecting sniffers (was: Re: security hole in FreeBSD) 
Message-ID:  <Pine.BSF.3.95q.970729125111.22895A-100000@chaos.amber.org>
In-Reply-To: <E0wtF5l-0006nV-00@rover.village.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 29 Jul 1997, Warner Losh wrote:

> In message <Pine.BSF.3.95q.970728215803.4839A-100000@cyrus.watson.org> Robert Watson writes:
> : host.  Promiscuous mode simply disables the filter.  The only way to
> : prevent the packets from being sniffable is to prevent them from going on
> : the wire in question -- smart hubs (switches) do this, so are desirable.
> 
> Well, there is strong encryption.  While it doesn't prevent sniff of
> the packets, per se, it generally leaves you with garbage and produces
> the same net effect.

I will note that there are a few people (ODS and Bay Networks included)
who make what is called "secure Ethernet", which basically learns what MAC
address is on each port, and scrambles frames that are not destined for
that MAC.  What usually happens is it replkaces the data paylode with
alternating 0/1, and fixes the checksum.  It works just fine :-)  It's
also generally cheaper than a switch.

Christopher




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970729125111.22895A-100000>