Home page logo

bugtraq logo Bugtraq mailing list archives

Re: False security in switches and a little more Rconsole.
From: booloo () CATS UCSC EDU (Mark Boolootian)
Date: Tue, 13 Oct 1998 15:27:24 -0700

Most switches have some facility to allow you to monitor another port, the
traffic of an entire VLAN, or even all traffic in the switch. If your
switch is compromised, someone could listen in on your workstation
conversations, which you thought were private.

A much more straightforward attack against switches involves a machine
which can alter its ethernet address and which is directly attached to
a switch.  The machine generates a stream of packets, each coming from a
unique ethernet address.  Once the switch's forwarding table has filled,
the switch will flood all subsequent traffic out all ports (excluding ports
that have been configured specifically not to flood).  At this point, the
switch, in effect, resembles a repeater.  Switches often offer mechanisms
to limit the number of MAC addresses  on a per port basis, but most folks
don't bother with such configurations.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]