Bugtraq mailing list archives

Re: Infosec.19990305.macof.a


From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Sun, 9 May 1999 14:53:35 +0100


> Well, um, actually it is supposedly possible to pre-program some
> switches with the MACs of the host(s) it should see on a given segment.

Yes, which makes little odds

> Assuming you've done this, and that it's possible to stop the switch
> from learning new MACs (I've not yet tried this myself), it should make

Which isn't needed

> many of the attacks described to date much more difficult, if not
> impossible.

It stops some of the basic spanning tree attacks

> In addition the switch *is* an extra level of defense, even if it's not
> 100% guaranteed, as it does prevent trivial sniffing (as anyone who grew
> up diagnosing Ethernet problems with packet sniffers can tell you!).

It works the other way. The switch stops the administrator seeing the
games I'm playing across other ports. Crackers hide behind switches. They
unicast the attack ARPs, they redirect the traffic and admins on another
segment don't even see a change..

--
With trembling hands he unfurled the ancient cracked parchment, this was
the place, it had to be. Uncertainly he began to mumble the chant "rdbms,
sql , third normal formal form, java,  table, scalable". Something moved..
From outside they heard a scream and a thud. The sales department had awoken
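
The visibility point in the reply above, modelled as an added example that is not part of the original post: a basic learning switch forwards a unicast ARP reply only to the destination port, so an arpwatch-style binding check raises an alert on the receiving host's port and nothing on a monitoring port. The port numbers, MACs, IPs and function names are constructed for illustration.

```python
# Added illustration: a learning switch model plus an arpwatch-style check.
# All MACs, IPs and port numbers below are constructed sample values.
BROADCAST = "ff:ff:ff:ff:ff:ff"
PORTS = {1, 2, 3, 4}          # port 3 is where the administrator listens

# (ingress port, source MAC, destination MAC, sender IP claimed in the ARP)
FRAMES = [
    (4, "aa:00:00:00:00:04", BROADCAST, "10.0.0.254"),            # gateway announces itself
    (1, "aa:00:00:00:00:01", BROADCAST, "10.0.0.1"),              # host on port 1 announces itself
    (2, "aa:00:00:00:00:02", "aa:00:00:00:00:01", "10.0.0.254"),  # unicast reply claiming the gateway IP
]

def deliver(frames, ports=PORTS):
    """Return {port: [frames received]} for a basic learning switch."""
    table, seen = {}, {p: [] for p in ports}
    for frame in frames:
        in_port, src, dst, _ = frame
        table[src] = in_port                      # learn the source MAC
        if dst != BROADCAST and dst in table:
            out = {table[dst]} - {in_port}        # known unicast: one port only
        else:
            out = ports - {in_port}               # broadcast or unknown: flood
        for p in out:
            seen[p].append(frame)
    return seen

def binding_changes(frames):
    """Flag ARP sender IPs whose MAC differs from the one first seen."""
    first, alerts = {}, []
    for _, src, _, ip in frames:
        if first.setdefault(ip, src) != src:
            alerts.append((ip, first[ip], src))
    return alerts

def alerts_by_port(frames=FRAMES):
    """Run the binding check on what each port actually receives."""
    return {p: binding_changes(rx) for p, rx in deliver(frames).items()}

if __name__ == "__main__":
    for port, alerts in sorted(alerts_by_port().items()):
        print(port, alerts)
```

Only port 1 reports a changed binding for 10.0.0.254, which is why this kind of check has to run on the hosts themselves or on a mirror of every port rather than on one separate segment.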


