Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618

["Chris Berry" <compjma () hotmail com>]

> From: David Wallraff <wall0448 () ece umn edu>
> To: Meidinger Christopher <christopher.meidinger () badenIT de>
> CC: "'Hilal Hussein'" <hilalma () hotmail com>,"Security-Basics@Securityfocus. 
> Com (E-Mail)" <security-basics () securityfocus com>
> why is it harder to sniff over a switced network?  i understand it's
> becasue of the switch (natch), but what makes it more difficult?
> dave

Because a hub sends all traffic to all ports, a switch only sends traffic 
destined for machines attached to that port, thus making it hard to listen 
in.  You'd be missing all the traffic on the other ports.  You can get 
around this using the ARP cache but it will cause network slowdown.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"Within every man beats a heart of darkness." --The Shadow

_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*.  
http://join.msn.com/?page=features/featuredemail


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
    
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
         
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------