Date: Wed, 28 Jul 1999 11:44:42 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> Cc: net@freebsd.org Subject: Re: cvs commit: src/release/sysinstall tcpip.c Message-ID: <199907281544.LAA09659@khavrinen.lcs.mit.edu> In-Reply-To: <5505.932695893@zippy.cdrom.com> References: <99Jul23.070924est.40350@border.alcanet.com.au> <5505.932695893@zippy.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Thu, 22 Jul 1999 19:11:33 -0700, "Jordan K. Hubbard" <jkh@zippy.cdrom.com> said: > I actually share your opinion about the proper defense against > sniffing being proper network design (use switches/vlans/etc) and > not turning off bpf, but I'm not the one you need to convince here. :-) Switches won't help (unless you turn learning off and manually configure every Ethernet address in your entire network into every switch). All an attacker has to do to sniff your packets is to send packets pretending to be you, thereby causing the switches to learn the attacker's location. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907281544.LAA09659>