Firewall Wizards mailing list archives
Re: What's the deal with SSH? (was: PIX software release 5.2)
From: Luca Berra <bluca () comedia it>
Date: Sun, 1 Oct 2000 15:45:45 +0200
On Tue, Sep 26, 2000 at 01:54:55PM -0400, John Adams wrote:
> On Mon, 25 Sep 2000 sean.kelly () lanston com wrote:
>> As other people have noted, don't mistake switching for some sort of network security panacea. And you should certainly be concerned if you're using telnet to connect to locations you'd prefer be kept off-limits. All it takes to grab a username/password is to have a box in a position to pick up traffic with its ethernet card set in promiscuous mode.
>
> Although I'm not putting 100% faith in the security of switched networks, if my switch has not been compromised, and no SPAN ports are available, how is it possible to pull packets off the network? I can think of some ways to do it by forging ISL or trunk protocols, but nothing that can be easily accomplished by an attacker from the outside in.

You can fake arp replies, or send gratuitous arps for the default gateway, or with some switches you can even just overload them and they will start leaking frames on all ports :)

L.

--
Luca Berra -- bluca () comedia it
Communication Media & Services S.r.l.
_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards
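
The two conditions named in the reply above (a second MAC address claiming the default gateway's IP, and a switch seeing a burst of new source addresses) can be watched for passively on a segment. The following is an added example, not part of the original thread: the class and function names, the threshold value and the sample frames (RFC 5737 addresses, locally administered MACs) are all constructed for illustration.

```python
import struct

def parse_arp(frame: bytes):
    """Return (sender_mac, sender_ip, target_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, _op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    dotted = lambda b: ".".join(str(x) for x in b)
    return frame[22:28].hex(":"), dotted(frame[28:32]), dotted(frame[38:42])

class ArpWatch:
    """Passive monitor: flags IP-to-MAC rebinding and a burst of new source MACs."""
    def __init__(self, flood_threshold=1000):
        self.bindings = {}        # IP -> MAC last claimed in an ARP packet
        self.seen_macs = set()    # Ethernet source addresses seen so far
        self.flood_threshold = flood_threshold  # assumed value; tune per segment

    def observe(self, frame: bytes):
        alerts = []
        if len(frame) < 14:
            return alerts
        self.seen_macs.add(frame[6:12])
        if len(self.seen_macs) == self.flood_threshold:
            alerts.append("mac-flood: %d distinct source MACs" % len(self.seen_macs))
        arp = parse_arp(frame)
        if arp:
            mac, ip, target_ip = arp
            old = self.bindings.get(ip)
            if old and old != mac:
                kind = "gratuitous" if ip == target_ip else "non-gratuitous"
                alerts.append("rebind: %s moved %s -> %s (%s)" % (ip, old, mac, kind))
            self.bindings[ip] = mac
        return alerts

def sample_frame(src_mac: bytes, sender_ip: bytes, target_ip: bytes) -> bytes:
    """Constructed test input: a broadcast ARP reply (op 2) as raw bytes; nothing is sent."""
    eth = b"\xff" * 6 + src_mac + b"\x08\x06"
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2) + src_mac + sender_ip + b"\x00" * 6 + target_ip
    return eth + arp

def demo():
    gw_ip, gw_mac, other_mac = bytes([192, 0, 2, 1]), bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    w = ArpWatch(flood_threshold=3)
    out = w.observe(sample_frame(gw_mac, gw_ip, bytes([192, 0, 2, 10])))
    out += w.observe(sample_frame(other_mac, gw_ip, gw_ip))  # second MAC claims the gateway IP
    out += w.observe(sample_frame(bytes.fromhex("020000000003"), bytes([192, 0, 2, 30]), bytes([192, 0, 2, 30])))
    return out
```

In practice the frames would come from a capture on a monitoring host, and a rebind alert for the gateway address is the one to investigate first, since legitimate gateway MAC changes are rare.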