Security Basics mailing list archives

RE: Can an ethernet bridge be detected ?


From: Francois Labreque <flabreq () ca ibm com>
Date: Mon, 18 Jul 2011 13:47:19 -0400

listbounce () securityfocus com wrote on 2011-07-15 19:47:42:

From: ijk1137 <ijk1137 () gmail com>
To: security-basics () securityfocus com
Date: 2011-07-18 11:55
Subject: Can an ethernet bridge be detected ?
Sent by: listbounce () securityfocus com

Hi,

I'm wondering when I set up an ethernet bridge like this:

.--------------.            .---------.            .------.
|workstation pc|------------|bridge pc|------------|router|---------internet
'--------------'        eth0'---------'eth1        '------'

-using these commands on 'bridge pc':
ifconfig eth0 0.0.0.0
ifconfig eth1 0.0.0.0
brctl addbr bridge0
brctl addif bridge0 eth0
brctl addif bridge0 eth1
ifconfig bridge0 up

Is there a way to detect this bridge? Is the 'bridge pc' totally 
transparent / invisible from both sides?


By default, the bridge will send spanning-tree PDUs every two seconds on 
each interface.  These packets will have the bridge's MAC as a source, so 
the workstation (or the router) running in promiscuous mode will detect 
that the bridge is there.

Also, the router on your diagram may be set to automatically shut down 
ports upon reception of BPDUs to prevent the insertion of rogue switches 
(which are just multiport bridges).
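
Added example (not part of the original post): one way to pick spanning-tree BPDUs out of captured Ethernet frames and report the source MAC and bridge ID of whoever sent them. It assumes frames are available as raw bytes from a promiscuous capture; the function names and the sample frames are constructed for illustration.

```python
import struct

STP_DST = bytes.fromhex("0180c2000000")  # 802.1D bridge group address
LLC_STP = b"\x42\x42\x03"                # DSAP 0x42, SSAP 0x42, control 0x03

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_bpdu(frame):
    """Return a dict describing the BPDU in `frame`, or None if it is not one."""
    if len(frame) < 21 or frame[:6] != STP_DST:
        return None
    (length,) = struct.unpack("!H", frame[12:14])
    if length > 1500 or frame[14:17] != LLC_STP:  # need 802.3 length + STP LLC
        return None
    bpdu = frame[17:14 + length]                  # drop Ethernet padding
    if len(bpdu) < 4 or bpdu[:2] != b"\x00\x00":  # protocol identifier is 0x0000
        return None
    info = {"src": mac(frame[6:12]), "version": bpdu[2], "type": bpdu[3]}
    if bpdu[3] in (0x00, 0x02) and len(bpdu) >= 35:  # configuration or RSTP BPDU
        _flags, root, _cost, bridge, _port, _age, _max, hello, _fwd = struct.unpack(
            "!B8sI8sHHHHH", bpdu[4:35])
        info.update(root_mac=mac(root[2:]), bridge_mac=mac(bridge[2:]),
                    bridge_priority=int.from_bytes(bridge[:2], "big"),
                    hello_s=hello / 256)          # timers are in 1/256 s units
    return info

def bpdu_senders(frames):
    """Map each source MAC seen emitting BPDUs to its last parsed BPDU."""
    found = {}
    for f in frames:
        info = parse_bpdu(f)
        if info:
            found[info["src"]] = info
    return found

def build_config_bpdu(src, priority=0x8000, hello_s=2):
    """Constructed sample: a configuration BPDU from a bridge claiming to be root."""
    bid = struct.pack("!H", priority) + src
    bpdu = struct.pack("!HBBB8sI8sHHHHH", 0, 0, 0, 0, bid, 0, bid,
                       0x8001, 0, 20 * 256, hello_s * 256, 15 * 256)
    frame = STP_DST + src + struct.pack("!H", 3 + len(bpdu)) + LLC_STP + bpdu
    return frame.ljust(60, b"\x00")               # pad to minimum frame size

BRIDGE = bytes.fromhex("020000000001")            # constructed, locally administered
ARP = bytes.fromhex("ffffffffffff" "020000000002" "0806").ljust(60, b"\x00")
SAMPLE = [ARP, build_config_bpdu(BRIDGE), ARP]    # constructed capture

if __name__ == "__main__":
    for src, info in bpdu_senders(SAMPLE).items():
        print(src, info)
```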


