Vulnerability Development mailing list archives

Re: Vlans


From: Rainer Enders <renders () YIPES COM>
Date: Mon, 22 Jan 2001 17:59:07 -0800

However there are switches that have implemented
certain countermeasures against certain attacks.
But I guess you can probably always find something
that they haven't thought of yet.

Rainer

-----Original Message-----
From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM] On Behalf Of Dom De Vitto
Sent: Sunday, January 21, 2001 12:53 PM
To: VULN-DEV () SECURITYFOCUS COM
Subject: Re: Vlans


 Aaron D. Turner  wrote:
 | The basic difference is fail-safe vs. fail-open.  When 'bad
 | things happen' like the switch gets hammered with more packets
 | than it can deal with, how does it respond?  There's no industry
 | standard to specify how switches or other devices should deal with
 | these kind of situations.

Aaron is quite right, and frankly it's exactly his point that makes
people so angry and shocked when they realise that the (expensive)
switch they use, just ain't secure one eenie-weenie bit.

To counter Aaron though, the industry standard is the marketing hype
about backbone throughput, latency, bla, bla, - the marketing monkeys
would have you believe that speed is everything.

Why else does a favorite switch maker have 3 levels of decoding the frames,
with only the last actually confirming that the frame isn't corrupt?
If you've ever seen a switch die under the load of flooding frames
that start 'BAD' (in hex), you'll know why things happening ever so
fast isn't so good when your switch (and trading-floor LAN) is crashing.

Dom
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  Dom De Vitto                              Secure Technologies Ltd.
  mailto:dom devitto.com                         Mob. 07971 589 201
  http://www.devitto.com                         Fax. 08700 548 750
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
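The thread above makes two testable claims without giving a way to test them: Aaron's point that an overloaded switch may "fail open", and Dom's point that a switch which only checks the frame at the last stage of decoding will happily forward corrupt frames. The script below is an added example written for this archive page; it is not code from either poster. It assumes that a switch which fails open behaves like a hub, that is, it floods unicast frames out of ports they were never addressed to, which is the well-known consequence of a switch losing (or being unable to use) its forwarding table. It also assumes the capture was taken in promiscuous mode on a NIC and driver that hand the 4-byte FCS up to the host (most strip it, so this is an assumption to verify on your own hardware). The MAC addresses, the frames and the 20 percent "foreign unicast" threshold are all constructed for the example; on a real network you would take the threshold from a baseline capture made while the switch is idle.

```python
"""Classify captured Ethernet frames to spot a switch that is failing open
(flooding other stations' unicast traffic to our port) or forwarding frames
with a bad FCS (cut-through behaviour that never validates the frame).

Added example for the VULN-DEV "Vlans" thread; all addresses, frames and
thresholds below are constructed, not taken from a real capture.
"""
import struct
import zlib
from collections import Counter

# Constructed, locally administered unicast addresses (first byte even).
OUR_MAC = bytes.fromhex("020000000001")   # the station doing the capture
PEER_A = bytes.fromhex("02000000000a")    # two other stations on the switch
PEER_B = bytes.fromhex("02000000000b")
BROADCAST = b"\xff" * 6


def classify_dst(dst: bytes) -> str:
    """Bucket a destination MAC. 'foreign-unicast' is traffic a healthy
    switch would never deliver to our port once it has learned its table."""
    if dst == BROADCAST:
        return "broadcast"
    if dst[0] & 1:                      # I/G bit set: group address
        return "multicast"
    if dst == OUR_MAC:
        return "ours"
    return "foreign-unicast"


def fcs_ok(frame: bytes) -> bool:
    """Ethernet FCS is CRC-32 over everything before it, sent LSB first."""
    body, fcs = frame[:-4], frame[-4:]
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF) == fcs


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Constructed test frame with a valid FCS appended (assumes the
    capture path preserves the FCS; most NICs strip it)."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def analyse(frames, foreign_threshold: float = 0.2) -> dict:
    """Summarise a capture. foreign_threshold is an assumed cut-off; derive
    it from an idle-switch baseline in practice, since a switch also floods
    unicast to destinations it has not learned yet."""
    counts = Counter()
    bad_fcs = 0
    for frame in frames:
        if len(frame) < 18:             # 14-byte header plus 4-byte FCS
            continue
        counts[classify_dst(frame[:6])] += 1
        if not fcs_ok(frame):
            bad_fcs += 1
    total = sum(counts.values())
    foreign = counts["foreign-unicast"]
    ratio = foreign / total if total else 0.0
    return {
        "total": total,
        "foreign_unicast": foreign,
        "foreign_ratio": ratio,
        "bad_fcs": bad_fcs,
        "fail_open": ratio > foreign_threshold,
        "forwarding_corrupt": bad_fcs > 0,
    }


def healthy_capture():
    """Constructed: only our own traffic plus a little broadcast (ARP)."""
    frames = [build_frame(OUR_MAC, PEER_A, 0x0800, b"A" * 46) for _ in range(10)]
    frames.append(build_frame(BROADCAST, PEER_A, 0x0806, b"B" * 46))
    frames.append(build_frame(BROADCAST, PEER_B, 0x0806, b"B" * 46))
    return frames


def flooded_capture():
    """Constructed: what a station sees when the switch has fallen back to
    hub-like flooding and is also passing on a frame damaged in transit."""
    frames = [build_frame(OUR_MAC, PEER_A, 0x0800, b"A" * 46) for _ in range(4)]
    frames.append(build_frame(BROADCAST, PEER_A, 0x0806, b"B" * 46))
    # Unicast between two other stations, which should never reach our port.
    frames += [build_frame(PEER_B, PEER_A, 0x0800, b"C" * 46) for _ in range(8)]
    corrupt = bytearray(build_frame(PEER_A, PEER_B, 0x0800, b"D" * 46))
    corrupt[20] ^= 0xFF                 # damage the payload after the FCS was computed
    frames.append(bytes(corrupt))
    return frames


if __name__ == "__main__":
    for name, cap in (("healthy", healthy_capture()), ("flooded", flooded_capture())):
        print(name, analyse(cap))
```

To use this on a real segment, feed analyse() raw frames from a promiscuous-mode capture taken while the switch is under load, and compare the result with a capture taken while it is idle: a jump in foreign unicast is the fail-open symptom, and any frame that fails fcs_ok() at an end station means the switch forwarded it without checking.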