Security Basics mailing list archives

RE: Network Configuration Question


From: "Madalina Sersea" <Madalina.Sersea () connex ro>
Date: Thu, 7 Nov 2002 16:23:17 +0200

WLBS (Windows Load Balancing Service) or some types of clusters may be the cause. The hosts that participate in such a 
"WLBS construct" each have their own IPs and their own MACs, but they communicate with a virtual IP and a virtual MAC. 
The first switch (the one the hosts are directly connected to) can't learn this virtual MAC and can't attach this MAC 
to a specific port. That's why the switch will forward the packets to these hosts on every port. Not only you, but 
every other computer with its network card in promiscuous mode will see these packets, even on the other switches in 
the hierarchy. Look in the switch, at the table that keeps the MAC-to-port correspondence.

Madalina SERSEA
LAN/WAN Development Engineer

    We are on a 100mbs switched network (I believe switched but ..).

    Now imagine my surprise when I could pick up traffic from around 6 other
    machines, including HTTP, POP, SMTP and all the associated passwords.

    Some of the machines were geographically close to me in the office but
    not all. How could this happen on a switched network - has one of the
    switches fallen over into broadcast mode or something? If so how do I go
    about determining (remotely) why/how it has fallen over, who else is on
    the segment, and what other avenues do I have to explore?

    Thanks in advance
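
The flooding behaviour described in the reply, as an added example that is not part of the original message: a minimal model of a learning switch, which fills its MAC-to-port table only from source addresses, so a virtual MAC that no host ever sends from is never learned and frames to it go out of every port. All MAC addresses, port numbers and the names LearningSwitch, simulate and unlearned are constructed for illustration; only unicast forwarding is modelled.

```python
# Added illustration, not from the original post. All values are constructed.
VIRTUAL_MAC = "02:bf:0a:00:00:64"   # cluster's shared MAC (constructed)
HOST_A = "00:10:5a:00:00:0a"        # cluster member on port 1 (constructed)
HOST_B = "00:10:5a:00:00:0b"        # cluster member on port 2 (constructed)
CLIENT = "00:10:5a:00:00:c1"        # client on port 3 (constructed)
# Port 4 stands for an uninvolved workstation running a sniffer.


class LearningSwitch:
    def __init__(self, ports):
        self.ports = set(ports)
        self.table = {}              # MAC -> port, learned from source MACs only

    def receive(self, in_port, src, dst):
        """Learn the source MAC, then return the ports the frame leaves on."""
        self.table[src] = in_port
        out_port = self.table.get(dst)
        if out_port is None:
            # Unknown unicast destination: flood to all ports but the ingress.
            return self.ports - {in_port}
        return set() if out_port == in_port else {out_port}


def simulate():
    sw = LearningSwitch([1, 2, 3, 4])
    # Cluster members transmit with their own MACs, so those get learned.
    sw.receive(1, HOST_A, CLIENT)
    sw.receive(2, HOST_B, CLIENT)
    # Client traffic to the cluster is addressed to the virtual MAC.
    to_cluster = sw.receive(3, CLIENT, VIRTUAL_MAC)
    # Client traffic to a learned MAC is delivered to one port only.
    to_host = sw.receive(3, CLIENT, HOST_A)
    return sw.table, to_cluster, to_host


def unlearned(table, observed_dst_macs):
    """Destination MACs seen on the wire that have no MAC-to-port entry."""
    return sorted({m for m in observed_dst_macs if m not in table})


if __name__ == "__main__":
    table, to_cluster, to_host = simulate()
    print("MAC table:", table)
    print("frame to virtual MAC leaves on ports:", sorted(to_cluster))
    print("frame to HOST_A leaves on ports:", sorted(to_host))
    print("never learned:", unlearned(table, [VIRTUAL_MAC, HOST_A, HOST_B]))
```

Comparing the destination MACs seen in a capture against the switch's real table, as unlearned() does with the model, shows which addresses are being flooded.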



