Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: What's the deal with SSH? (was: PIX software release 5.2)

From: Luca Berra <bluca () comedia it>
Date: Sun, 1 Oct 2000 15:45:45 +0200
On Tue, Sep 26, 2000 at 01:54:55PM -0400, John Adams wrote:

On Mon, 25 Sep 2000 sean.kelly () lanston com wrote:


As other people have noted, don't mistake switching for some sort of network
security panacea.  And you should certainly be concerned if you're using
telnet to connect to locations you'd prefer be kept off-limits.  All it
takes to grab a username/password is have a box in a position to pick up
traffic with its ethernet card set in promiscuous mode.


Although I'm not putting 100% faith in the security of switched networks,
if my switch has not been compromised, and no SPAN ports are available,
how is it possible to pull packets off the network? I can think of some
ways to do it by forging ISL or trunk protocols, but nothing that can be
easily accomplished by an attacker from the outside in. 


You can fake arp replies, or send gratuitous arps for the default gateway,
or with some switches you can even just overload them and they will
start leking frames on all ports :)

L.

-- 
Luca Berra -- bluca () comedia it
    Communication Media & Services S.r.l.

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: