[geeks] ethernet switch insecurity
Greg A. Woods
woods at weird.com
Sun Jul 21 13:03:50 CDT 2002
[ On Saturday, July 20, 2002 at 22:57:35 (-0400), Tim H. wrote: ]
> Subject: Re: [geeks] ethernet switch insecurity
>
> umm, obviously not. I'd like to see a sniffer that can sniff packets it
> doesn't see. Since the switch is at the ethernet level, and is sorting
> traffic by destination mac address, the only way to possible sniff would
> be to spoof mac addresses, and that kinda interferes with diagnostics.
Well, it all depends on what kind of diagnostics you're trying to do and
what kind of load your switch is under.....
If you want to effectively turn your switch into a hub so that you can
better see what's happening across your LAN at the applicaton layer then
you may as well play fast and loose with something like dsniff.
--
Greg A. Woods
+1 416 218-0098; <g.a.woods at ieee.org>; <woods at robohack.ca>
Planix, Inc. <woods at planix.com>; VE3TCP; Secrets of the Weird <woods at weird.com>
More information about the geeks
mailing list