Bugtraq mailing list archives
Re: False security in switches and a little more Rconsole.
From: peter.jeremy () AUSS2 ALCATEL COM AU (Peter Jeremy)
Date: Wed, 14 Oct 1998 07:28:47 +1000
Chris Zagar <zagar () GCINFO GC MARICOPA EDU> wrote:
Ok, heres a very simple solution: Buy a switch.Actually, switches do help, but they also run the risk of people actually believing that their switched connections are private, lulling you into a false sense of security.
[Description of port monitoring facilities deleted] And quite apart from the documented and intentional port monitoring facilities, the switch may leak packets. I have a number of systems attached via switch ports to our backbone (for traffic purposes). Last year I took some traffic samples from a machine connected to one brand of switch. I recently repeated the test with a different brand of switch. In both cases, there were about 2 packets per second (around 2% of the segment traffic) that were unicast, and not intended for the machine that received them. Moral: Don't rely on your switch for security. Peter -- Peter Jeremy (VK2PJ) peter.jeremy () alcatel com au Alcatel Australia Limited 41 Mandible St Phone: +61 2 9690 5019 ALEXANDRIA NSW 2015 Fax: +61 2 9690 5247
Current thread:
- Re: False security in switches and a little more Rconsole. Peter Jeremy (Oct 13)