Security Incidents mailing list archives
RE: Why can I see other traffic at switch environment just tcpdump?
From: "Rob Shein" <shoten () starpower net>
Date: Wed, 9 Oct 2002 10:38:53 -0400
Switches should not be relied on as a security mechanism unless the switch specifically has (and has been configured to use) port security by the use of static assignment of MAC addresses to ports. Kelly
Which, I'd like to point out (before anyone tries this in a real environment) is a nightmare and a disaster waiting to happen. No matter how clearly you may remember doing this, it's a sure-fire bet that at some point a machine will be moved or replaced (or, for that matter, just its NIC), and the person doing it won't know why networking doesn't work. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Why can I see other traffic at switch environment just tcpdump? SB CH (Oct 08)
- Re: Why can I see other traffic at switch environment just tcpdump? Kelly Martin (Oct 08)
- RE: Why can I see other traffic at switch environment just tcpdump? Rob Shein (Oct 09)
- Re: Why can I see other traffic at switch environment just tcpdump? Darryl Luff (Oct 09)
- Re: Why can I see other traffic at switch environment just tcpdump? Kelly Martin (Oct 08)