Firewall Wizards mailing list archives
Re: Outsourcing firewalls & InfoSec Ops - Part I/II
From: "Paul D. Robertson" <proberts () clark net>
Date: Wed, 17 Dec 1997 09:53:43 -0500 (EST)
On Tue, 16 Dec 1997, chuck yerkes wrote:
With ISP's (that I would work with) who will host machines (or give me full access to one of theirs), in my experience these machines are on a separate segments and usually on a switch - so sniffing from "my" machine becomes somewhat useless.
While that is generally true of customer machines these days, it is not always true of employee-owned machines. While some places manage and have policies for employee-owned machines just like customer ones, others turn a blind eye and treat it as an undocumented feature of employement (or aren't aware of it at all), and they end up on a spare hub, not an expensive switch. Also, in a dynamicly routed environment, LAN sniffing isn't necessary if you can participate in or hijack routing. We haven't started switching internally, so I don't know for sure (anyone?), but I wouldn't be surprised if most switches handed off the multicast addresses involved in things like OSPF to all ports by default either. Anyway, it's part of the risk model that I use for service providers, YMMV. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () clark net which may have no basis whatsoever in fact." PSB#9280
Current thread:
- Re: Outsourcing Firewalls/Internet Security count, (continued)
- Re: Outsourcing Firewalls/Internet Security count David HM Spector (Dec 04)
- Re: Outsourcing Firewalls/Internet Security count Bennett Todd (Dec 05)
- Re: Outsourcing Firewalls/Internet Security count Adam Shostack (Dec 08)
- Re: Outsourcing Firewalls/Internet Security count Rick Low (Dec 04)
- Re: Outsourcing Firewalls/Internet Security count Paul D. Robertson (Dec 05)
- Re: Outsourcing Firewalls/Internet Security count Bennett Todd (Dec 05)
- Re: Outsourcing Firewalls/Internet Security count Larry J. Hughes Jr. (Dec 08)
- Outsourcing firewalls & InfoSec Ops - Part I/II Frank Willoughby (Dec 09)
- Re: Outsourcing firewalls & InfoSec Ops - Part I/II Paul D. Robertson (Dec 15)
- Re: Outsourcing firewalls & InfoSec Ops - Part I/II chuck yerkes (Dec 16)
- Re: Outsourcing firewalls & InfoSec Ops - Part I/II Paul D. Robertson (Dec 17)
- Re: Outsourcing Firewalls/Internet Security count Ted Doty (Dec 05)
- Re: Outsourcing Firewalls/Internet Security count Paul D. Robertson (Dec 05)
- Re: Outsourcing Firewalls/Internet Security count Joseph S. D. Yao (Dec 05)
- Re: Outsourcing Firewalls/Internet Security count Bennett Todd (Dec 08)
- Re: Outsourcing Firewalls/Internet Security count Joseph S. D. Yao (Dec 08)