Bugtraq mailing list archives
Re: Infosec.19990305.macof.a
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Sun, 9 May 1999 14:53:35 +0100
Well, um, actually it is supposedly possible to pre-program some switches with the MACs of the host(s) it should see on a given segment.
Yes, which makes little odds
Assuming you've done this, and that it's possible to stop the switch from learning new MACs (I've not yet tried this myself), it should make
Which isnt needed
many of the attacks described to date much more difficult, if not impossible.
It stops some of the basic spanning tree attacks
In addition the switch *is* an extra level of defense, even if it's not 100% guaranteed, as it does prevent trivial sniffing (as anyone who grew up diagnosing Ethernet problems with packet sniffers can tell you!).
It works the other way. The switch stops the administrator seeing the games I'm playing across other ports. Crackers hide behind switches. They unicast the attack arps, they redirect the traffic and admins on another segment don't even see a change.. -- With trembling hands he unfurled the ancient cracked parchment, this was the place, it had to be. Uncertainly he began to mumble the chant "rdbms, sql , third normal formal form, java, table, scalable". Something moved..
From outside they heard a scream and a thud. The sales department had awoken
Current thread:
- Infosec.19990305.macof.a ian.vitek () INFOSEC SE (May 05)
- Re: Infosec.19990305.macof.a Emil Isberg (May 06)
- Re: Infosec.19990305.macof.a David Maxwell (May 06)
- <Possible follow-ups>
- Re: Infosec.19990305.macof.a Glen Turner (May 06)
- Re: Infosec.19990305.macof.a Alan Cox (May 07)
- Re: Infosec.19990305.macof.a Greg A. Woods (May 08)
- Re: Infosec.19990305.macof.a Alan Cox (May 09)
- OpenLinux 2.2: LISA install leaves root access without password Andrew McRory (May 08)
- Re: [linux-security] OpenLinux 2.2: LISA install leaves root Ralf Flaxa (May 09)
- SunOS 5.7 rmmount, no nosuid. Jonas Stahre (May 10)
- Re: SunOS 5.7 rmmount, no nosuid. C.J. Oster (May 10)
- nidsbench announcement Dug Song (May 13)
- Re: Infosec.19990305.macof.a Alan Cox (May 07)
- Adminisrivia Aleph One (May 10)
- [BIND-BUGS #18] Non-delegated master domains Ian Carr-de Avelon (May 10)
- Re: [BIND-BUGS #18] Non-delegated master domains Andrew Brown (May 11)
- Re: [BIND-BUGS #18] Non-delegated master domains Dan Busarow (May 11)
- ICQ Password Revealer Dmitri Alperovitch (May 10)