Firewall Wizards mailing list archives

RE: RE: Sniffing out a firewall problem


From: "Carl Friedberg" <friedberg () exs esb com>
Date: Thu, 8 Nov 2001 14:53:15 -0500

On a network exposed to the outside (internet) you should NEVER run a
hub. A hub allows an intruder easy access to any device attached to the
hub, including sniffing traffic between multiple nodes which would never
be "visible" if you were using a switch.

I completely agree that there is no cost reason to use a hub. There is
NO reason to use a hub where security is of any concern.

I might consider using a hub in a protected region behind a firewall to
connect 10/hdx devices (such as a UPS monitor or similar appliance); or
in a test environment; but only to make use of something which is
otherwise consigned to the trash heap.

Carl Friedberg
carl () comets com

-----Original Message-----
From: Barney Wolff [mailto:barney () databus com] 
Sent: Wednesday, November 07, 2001 5:30 PM
To: firewall-wizards () nfr com
Subject: Re: [fw-wiz] RE: Sniffing out a firewall problem


On Sun, Nov 04, 2001 at 06:38:36AM -0800, Gregory Hicks wrote:

> Half duplex?  If the ratio of coll/total is 2% or less, Great!  More
> than 10%?  You've got a problem.

This is at best half true.  What is true is that a broken NIC or hub can
cause lots of collisions.  But so can a heavy load when everything is
functioning normally.  I have seen an Ethernet where collisions were
over 100%, for months at a time, but nothing was broken and thruput was
quite good.  When NICs and hub are in spec, a collision wastes very
little time compared to the average frame time.

These days, there is little reason to run hubs rather than switches, so
collisions are largely part of history.
-- 
Barney Wolff

"Nonetheless, ease and peace had left this people still curiously tough.
They were, if it came to it, difficult to daunt or to kill; and they
were, perhaps, so unwearyingly fond of good things not least because
they could, when put to it, do without them, and could survive rough
handling by grief, foe, or weather in a way that astonished those who
did not know them well and looked no further than their bellies and
their well-fed faces." J.R.R.T.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards