Firewall Wizards mailing list archives

Re: Q on external router


From: Bernhard Schneck <Bernhard_Schneck () genua de>
Date: Wed, 22 Apr 1998 21:31:59 +0200

In message <Pine.SUN.3.95.980422171232.27846D-100000 () is3 hk super net> you write:
After posting my question, I searched the archive at nfr.net, and the
argument by "Adam Shostack" against a switch in the DMZ was not that it
cannot prevent sniffing but rather that it may not stand malicious attack.
However, he did not quote any concrete evidence or examples because these
are relatively new.

Switches have finite storage for ARP entries (usually some power of
2, say 4096 or 8192).  Flood them with enough (bogus) ARPs and most
of them will start passing all packets.

POOF.

\Bernhard.
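The failure mode Bernhard describes, worked through as an added example (not code from the original post or the list). The table that fills up is the switch's MAC forwarding table, learned from the source address of every frame it sees (ARP packets carry such sources, which is one way to flood it). The model below is a learning switch with a fixed number of entries; port numbers, the table size, the MAC addresses and the eviction policy (oldest entry dropped when full, standing in for real switches' ageing and refusal to learn) are assumptions for illustration. Once the bogus entries have pushed the victim's entry out, a frame for the victim is no longer delivered to one port but flooded out every port, including the attacker's. The last function is the check a practitioner would want: a port sourcing more MAC addresses than a single host should is the thing port-security features limit and the thing to alert on.

```python
"""Simulated learning switch with a finite MAC (CAM) table.

Added example, not from the original post.  It models a switch whose
forwarding table has a fixed number of entries being filled with bogus
source addresses until the victim's entry is lost and frames to the
victim are flooded out every port.  Ports, MACs, the table size and the
eviction policy are constructed assumptions, not measurements of any
real switch.
"""
from collections import OrderedDict
import random

ATTACKER, VICTIM, CLIENT = 1, 2, 3              # constructed port numbers
VICTIM_MAC = "00:00:00:00:00:02"                # constructed addresses
CLIENT_MAC = "00:00:00:00:00:03"


class Switch:
    def __init__(self, ports, capacity):
        self.ports = ports
        self.capacity = capacity
        self.table = OrderedDict()              # MAC -> port, oldest first
        # Source MACs seen per port; this is what a port-security check needs.
        self.source_macs = {p: set() for p in ports}

    def learn(self, mac, port):
        # Assumption: a full table evicts its oldest entry.  Real switches
        # age entries out and refuse new ones while full; either way the
        # victim's entry does not survive a sustained flood.
        if mac in self.table:
            self.table.move_to_end(mac)
        elif len(self.table) >= self.capacity:
            self.table.popitem(last=False)
        self.table[mac] = port
        self.source_macs[port].add(mac)

    def forward(self, in_port, src, dst):
        """Return the set of ports the frame is sent out of."""
        self.learn(src, in_port)
        if dst in self.table and self.table[dst] != in_port:
            return {self.table[dst]}            # known destination: one port
        # Unknown destination: the switch behaves like a hub.
        return {p for p in self.ports if p != in_port}


def random_mac(rng):
    return ":".join(f"{rng.randrange(256):02x}" for _ in range(6))


def ports_over_limit(sw, max_macs=8):
    """Ports that have sourced more MAC addresses than one host plausibly would.

    This is the port-security style check: limit (or alert on) the number of
    source MACs per access port, so a single port cannot fill the table.
    """
    return sorted(p for p, macs in sw.source_macs.items() if len(macs) > max_macs)


def demo(capacity=4096, flood_frames=None, seed=1):
    """Return (ports a frame for the victim reaches before the flood,
    the same after the flood, ports flagged by the MAC-count check)."""
    rng = random.Random(seed)
    sw = Switch(ports=[ATTACKER, VICTIM, CLIENT], capacity=capacity)
    # Normal traffic: victim and client exchange a frame, both get learned.
    sw.forward(VICTIM, VICTIM_MAC, CLIENT_MAC)
    before = sw.forward(CLIENT, CLIENT_MAC, VICTIM_MAC)
    # Attacker sends frames with random source (and destination) MACs
    # until the table has turned over at least once.
    for _ in range(flood_frames or capacity + 1):
        sw.forward(ATTACKER, random_mac(rng), random_mac(rng))
    after = sw.forward(CLIENT, CLIENT_MAC, VICTIM_MAC)
    return before, after, ports_over_limit(sw)


if __name__ == "__main__":
    before, after, noisy = demo()
    print("before flood, client->victim reaches ports:", sorted(before))
    print("after flood,  client->victim reaches ports:", sorted(after))
    print("ports exceeding the MAC-count limit:", noisy)
```

Before the flood the client's frame reaches only the victim's port; afterwards it reaches every other port, the attacker's included, which is exactly the "passing all packets" the message refers to. The MAC-count check flags the attacker's port alone, since the two legitimate hosts each source a single address.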


