Vulnerability Development mailing list archives
Re: switch jamming
From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 31 Jan 2002 08:15:24 -0800
Anthony Gruppuso wrote:
Does anybody know of any switches that can protect against this type of attack, or is virtually every switch affected? I imagine this is "old news," so what have vendors done to counteract this type of activity?
The Cisco switches at least can be secured against this, if you can live with the inconvenience. If you have one machine per port, you can configure the switch to learn the first MAC address it sees, and then not accept frames from any other address. This means that you can't move machines around or changes NICs without the switch admin resetting the MAC address for the affected ports. It also means that you can't chain multiple machines off of any ports configured that way, say via a hub. BB
Current thread:
- DoS against DHCP, (continued)
- DoS against DHCP RSnake (Jan 30)
- RE: DoS against DHCP John Stauffacher (Jan 30)
- Re: DoS against DHCP Russell Handorf (Jan 30)
- Re: DoS against DHCP Craig Van Tassle (Jan 30)
- Re: DoS against DHCP Felix Lindner (Jan 31)
- Re: switch jamming Blue Boar (Jan 30)
- RE: switch jamming Ed Moyle (Jan 30)
- Re: switch jamming sean whalen (Jan 30)
- RE: switch jamming Henniges, Matthew (ISS) (Jan 30)
- RE: switch jamming Anthony Gruppuso (Jan 31)
- Re: switch jamming Blue Boar (Jan 31)
- Re: switch jamming ALoR (Jan 31)
- RE: switch jamming Alexander (Jan 31)
- Re: switch jamming Blue Boar (Jan 31)
- RE: switch jamming Toni Heinonen (Jan 31)
- Re: switch jamming blast (Jan 31)
- RE: switch jamming blast (Jan 31)
- RE: switch jamming Richard Corley (Jan 31)
- DoS against DHCP RSnake (Jan 30)