Security Incidents mailing list archives

VS: Why can I see other traffic at switch environment just tcpdump?


From: "Toni Heinonen" <Toni.Heinonen () teleware fi>
Date: Wed, 9 Oct 2002 11:30:32 +0300

Switches should not be relied on as a security mechanism 
unless the switch specifically has (and has been configured 
to use) port security by the use of static assignment of MAC 
addresses to ports.

And rarely even then, as you can simply connect your computer with a
cross-linked cable to a legal workstation, sniff the MAC address, and
configure that to be your addy. If you get physical access to the
network, you most likely can do this, too.

We can never get perfect security, but we can raise the bar. At least
now we've made the passive eavesdropper active, so s/he can be detected,
at least a lot easier than a regular eavesdropper.

I'd recommend a good PKI.

Kelly

Warm regards,
-- 
Toni Heinonen, Teleware Oy
  Wireless +358 (40) 836 1815
  Telephone +358 (9) 3434 9123
  toni.heinonen () teleware fi
  www.teleware.fi
