Date: Thu, 21 Dec 2000 22:45:54 +0100 From: Gerhard Sittig <Gerhard.Sittig@gmx.net> To: security@FreeBSD.ORG Subject: Re: What anti-sniffer measures do i have? Message-ID: <20001221224554.X253@speedy.gsinet> In-Reply-To: <001901c06b44$d88f6c00$0c00a8c0@ipform.ru>; from matrix@ipform.ru on Thu, Dec 21, 2000 at 02:54:52PM %2B0300 References: <000a01c06ab8$4676a040$1805010a@epconline.net> <001901c06b44$d88f6c00$0c00a8c0@ipform.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Dec 21, 2000 at 14:54 +0300, Artem Koutchine wrote:
>
> So, most of you are saying that a switch would be a solution.
> Anyone can recommed a particular switch wich he/she is using
> without problems?
Have you actually followed the thread? :)
Switches are meant to increase performance at first (by reducing
collisions). The fact that not all traffic is delivered to all
ports is just a side effect and not really a design goal.
Switches *cannot* prevent bad guys from sniffing, as has been
stated before; it's just that it gets a little more difficult
than before, but not really much. You still get non unicast
packets delivered broadly. "Initial" packets the switch hasn't
learned the destination MAC for yet are handled like a hub would
do. Flooding the switches "brain" will have a similar effect and
degrade it to a repeater. And there are the ARP games mentioned
in several other messages one could play -- the switch would
happily deliver packets to where the MAC address points to.
> Also, what about tunnelling??
I thought this would have been the conclusion: encryption being
the only solution, either via software or hardware (well, it
doesn't prevent sniffing, but makes the sniffed data useless:).
Shrinking collision domains is not the most appropriate measure
against sniffing, but more of a network performance increase.
> [ ... fullquote snipped ... ]
virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76
Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net
--
If you don't understand or are scared by any of the above
ask your parents or an adult to help you.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001221224554.X253>