Date: Tue, 07 Sep 1999 23:33:52 -0700 From: dmp@aracnet.com To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: ks@itp.ac.ru, freebsd-security@FreeBSD.ORG Subject: Re: Layer 2 ethernet encryption? Message-ID: <37D60350.6E85A7A1@aracnet.com> References: <XFMail.990907105629.ks@osi.ru> <37D4BCC2.34AFAE9D@aracnet.com> <199909071339.JAA11485@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Garrett Wollman wrote: > <<On Tue, 07 Sep 1999 00:20:34 -0700, dmp@aracnet.com said: >> I have two problems. The first is that EM emissions on UTP allows >> one to monitor all traffic on that cable. > > Use fiber NICs. Short of winning a significant lottery, it would be economically impossible to move the network to fibre, there's too many nodes to upgrade. >> The second is that a >> sniffer run on an authorized machine will be able to see the source >> and destination IP and port of all IP traffic on it's segment. > > Use a good switch and hard-wire the bridge table. The network currently can't be segmented any more than it is without breaking it's applications. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37D60350.6E85A7A1>