nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: customers and web servers and level one naps

From: Michael Dillon <michael () memra com>
Date: Tue, 10 Sep 1996 15:03:28 -0700 (PDT)
On Tue, 10 Sep 1996, Justin W. Newton wrote:


Therefore, you should only connect trusted pieces of equipment to a
level-2 media unless it is being used as a point-to-point media. Lets use
Ethernet as an example. If you connect a customer web server to an
Ethernet then they can sniff any traffic that goes by and possibly do
nasty things like spoofing. Even if they would never do such a thing they
may be hacked by somebody who would do such a thing. So it is not a good
idea to share a level 2 media in this way.


The MAE's are switches.  Unless you are sending super secret BROADCAST
traffic the security implications you are mentioning are non-existant.


What about people hacking MAC addresses or screwing around with ARP and
BOOTP? He was asking about attaching a customer web server to the exchange
so presumably anything could be done on that box. 

Michael Dillon                   -               ISP & Internet Consulting
Memra Software Inc.              -                  Fax: +1-604-546-3049
http://www.memra.com             -               E-mail: michael () memra com

- - - - - - - - - - - - - - - - -
Previous By Date Next
Previous By Thread Next

Current thread: