mailing list archives
Re: False security in switches and a little more Rconsole.
From: peter.jeremy () AUSS2 ALCATEL COM AU (Peter Jeremy)
Date: Wed, 14 Oct 1998 07:28:47 +1000
Chris Zagar <zagar () GCINFO GC MARICOPA EDU> wrote:
Ok, heres a very simple solution: Buy a switch.
Actually, switches do help, but they also run the risk of people actually
believing that their switched connections are private, lulling you into a
false sense of security.
[Description of port monitoring facilities deleted]
And quite apart from the documented and intentional port monitoring
facilities, the switch may leak packets.
I have a number of systems attached via switch ports to our backbone
(for traffic purposes). Last year I took some traffic samples from a
machine connected to one brand of switch. I recently repeated the
test with a different brand of switch. In both cases, there were
about 2 packets per second (around 2% of the segment traffic) that
were unicast, and not intended for the machine that received them.
Moral: Don't rely on your switch for security.
Peter Jeremy (VK2PJ) peter.jeremy () alcatel com au
Alcatel Australia Limited
41 Mandible St Phone: +61 2 9690 5019
ALEXANDRIA NSW 2015 Fax: +61 2 9690 5247
- Re: False security in switches and a little more Rconsole. Peter Jeremy (Oct 13)