Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618

["Craig Janssen" <cjanssen () mail millikin edu>]

Since the packets will only be sent to the lan segment that the
destination computer resides on, it's difficult to promiscuously capture
packets going to it if the capturing PC is not on the same segment as
either the source or destination computer.  If you have segmentation per
port (i.e., no hubs at the access layer), it makes it even more
difficult.  This can be circumvented by man-in-the-middle attacks and
fail-open attacks on the switch itself, so they say that segmentation
really isn't a network security method, but it helps.

Craig



______________________________
Craig Janssen, MCP, A+
Network and Internet Services Manager
Millikin University Information Technology Dept
(217) 362-6488
cjanssen () mail millikin edu

> > > David Wallraff <wall0448 () ece umn edu> 06/25/03 10:32AM >>>
why is it harder to sniff over a switced network?  i understand it's
becasue of the switch (natch), but what makes it more difficult?
dave



On Wed, 25 Jun 2003, Meidinger Christopher wrote:

> Hello Hilal,
>
> Yes, there are many tools that will do that. dsniff, ettercap,
ethereal and
> MANY others will read your password as it goes by on the wire. It is
> slightly more difficult on a switched network, but it can still be
done.
> You should not use telnet at all, use ssh (www.openssh.org) instead.
The
> windows client PuTTY is the most common choice to connect over ssh
from
> windows. As far as starting an ssh server on the firewall, you should
be
> able to do that in the same way that you started the telnet server.
>
> If you need more exact help, post to the list what type of firewall
you are
> using, and i am certain someone will help you get started.
>
> (Disclaimer: based on your question, you should [IMHO] definately
read up a
> bit on security before configuring a firewall)
>
> badenIT GmbH
> System Support
>
> Chris Meidinger
> Tullastrasse 70
> 79108 Freiburg
>
>
> -----Ursprüngliche Nachricht-----
> Von: Hilal Hussein [mailto:hilalma () hotmail com] 
> Gesendet: Tuesday, June 24, 2003 10:08 AM
> An: bugtraq () planetcobalt net; security-basics () securityfocus com 
> Betreff: Re: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue
618
> Hello All,
>
> i am not sure if i am asking the right question within the same
subject,but
> i am configuring the firewall throught the telnet connecting / from
winxp
> workstation.
>
> Is there any possibility for any internal user to use any tools that
will
> haijack my telnet password - password for the firewall too!, and what
are
> the measurements for securing the telnet session.
>
> with regards,
> Hilal Hussein
>
> _________________________________________________________________
> STOP MORE SPAM with the new MSN 8 and get 2 months FREE*
> http://join.msn.com/?page=features/junkmail 
---------------------------------------------------------------------------
> Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top
analysts!
> The Gartner Group just put Neoteris in the top of its Magic
Quadrant,
> while InStat has confirmed Neoteris as the leader in marketshare.
>
> Find out why, and see how you can get plug-n-play secure remote
access in
> about an hour, with no client, server changes, or ongoing
maintenance.
> Visit us at: http://www.neoteris.com/promos/sf-6-9.htm 
----------------------------------------------------------------------------
>
---------------------------------------------------------------------------
> Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top
analysts!
> The Gartner Group just put Neoteris in the top of its Magic
Quadrant,
> while InStat has confirmed Neoteris as the leader in marketshare.
>
> Find out why, and see how you can get plug-n-play secure remote
access in
> about an hour, with no client, server changes, or ongoing
maintenance.
> Visit us at: http://www.neoteris.com/promos/sf-6-9.htm 
----------------------------------------------------------------------------
>

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top
analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.

Find out why, and see how you can get plug-n-play secure remote access
in
about an hour, with no client, server changes, or ongoing maintenance.

Visit us at: http://www.neoteris.com/promos/sf-6-9.htm 
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------