Bugtraq mailing list archives
Re: Infosec.19990305.macof.a
From: cel95eig () mds mdh se (Emil Isberg)
Date: Thu, 6 May 1999 22:30:07 +0200
On 5 May 1999, ian.vitek () INFOSEC SE wrote:
Vulnerability Summary --------------------- Problem: Due to limitation with ARP/MAC-tables; switches could start sending packages to all ports, other network devices could hang, crash or reboot if they receive lots of MAC-addresses. Threat: Someone could eavesdrop/sniff network connections over a switched network. Denial of service attacks on a local network. Solution: There is no today known solution to the problem.
This problem is known. The problem is known as "Learning mode" and is the state the switch is in when it "learn" how the network is configurated. What it does is simply to record what port each mac-address is responding. How does the solution look like? Well. Don't use "learning mode" on the switch. In a secure environment you know most of the needed mac-addresses and the rest you should know anyway so you do not need "learning mode". But is it a limitation? Yes. The switch should notice that a port is behaving very strange and disable it (before it's MAC-table is flushed). -- /Emil "Man kan säga att jag har ett eget filsystem i min lägenhet. /Bornäs"
Current thread:
- Infosec.19990305.macof.a ian.vitek () INFOSEC SE (May 05)
- Re: Infosec.19990305.macof.a Emil Isberg (May 06)
- Re: Infosec.19990305.macof.a David Maxwell (May 06)
- <Possible follow-ups>
- Re: Infosec.19990305.macof.a Glen Turner (May 06)
- Re: Infosec.19990305.macof.a Alan Cox (May 07)
- Re: Infosec.19990305.macof.a Greg A. Woods (May 08)
- Re: Infosec.19990305.macof.a Alan Cox (May 09)
- OpenLinux 2.2: LISA install leaves root access without password Andrew McRory (May 08)
- Re: [linux-security] OpenLinux 2.2: LISA install leaves root Ralf Flaxa (May 09)
- SunOS 5.7 rmmount, no nosuid. Jonas Stahre (May 10)
- Re: SunOS 5.7 rmmount, no nosuid. C.J. Oster (May 10)
- nidsbench announcement Dug Song (May 13)
- Re: Infosec.19990305.macof.a Alan Cox (May 07)