Firewall Wizards mailing list archives
RE: Connecting networks securely with a switch
From: Ben Nagy <ben.nagy () marconi com au>
Date: Thu, 14 Dec 2000 10:47:21 +1030
-----Original Message-----
[quoted from tweir - I didn't see this hit the list?]
From: "Brian Denehy" <B.Denehy () securegate net> Subject: Re: [fw-wiz] Connecting networks securely with a switchRepeat after me - a switch has no security enforcingfunction. Throw awaythe firewall, it's not doing anything for you if youbypass it. There areknown attacks against switches which can't be fixed untilthe protocols(particularly 802.1q) are fixed.
Hi Brian, Do you have any concrete attacks / examples in mind? I would really love to be able to accurately assess risks with these kind of scenarios, but have never been able to point to a bug which is not a vendor error. It sounds like you're saying that there are known, protocol level (802.1q) attacks which are vendor independant. If so, could you please elaborate? Cheers, -- Ben Nagy Marconi Services Network Integration Specialist Mb: +61 414 411 520 PGP Key ID: 0x1A86E304 _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Connecting networks securely with a switch tweir (Dec 12)
- <Possible follow-ups>
- Re: Connecting networks securely with a switch tweir (Dec 14)
- RE: Connecting networks securely with a switch Ben Nagy (Dec 15)