Re: arpwatch and more
On Fri, 16 Mar 2001 13:05:06 -0800, Mike Fedyk <mfedyk@matchmail.com>
wrote:
>On Fri, Mar 16, 2001 at 09:24:56PM +0100, Marc Haber wrote:
>> Please be aware, though, that the MAC address is trivial to forge
>> nowadays.
>Hmm, how does a switch deal with the same mac address coming from two ports
>at the same time?
It will probably flap. MAC address forging will only work if the host
that owns the forged MAC is switched off or disabled in some other
way.
>Does that mean that we've lost the added security from ethernet switches? I
>can see that if a switch was fooled into sending traffic to two ports that
>could be a security problem, if security depends on the switching function.
Using a non-VLANned switch for security is a bad idea IMO.
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mail address in header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
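Added example, not part of the original message: a minimal Python model of a switch's MAC learning table, showing the flapping described above when one source MAC arrives on two ports, and how counting port moves per MAC makes it detectable. The class, the threshold, and the constructed trace (documentation-range MACs) are assumptions; real switches also age entries and may log or rate-limit moves.

```python
from collections import defaultdict


class LearningSwitch:
    """Hypothetical model of a non-VLAN switch's MAC table (no aging)."""

    def __init__(self):
        self.table = {}                  # MAC -> port it was last seen on
        self.moves = defaultdict(list)   # MAC -> [(frame_no, old_port, new_port)]
        self.frame_no = 0

    def receive(self, port, src, dst):
        """Learn src on the ingress port, then return the egress port for dst."""
        self.frame_no += 1
        old = self.table.get(src)
        if old is not None and old != port:
            # Same source MAC seen on a different port: the entry moves.
            self.moves[src].append((self.frame_no, old, port))
        self.table[src] = port
        out = self.table.get(dst)
        return "flood" if out is None else out

    def flapping(self, threshold=2):
        """Return MACs whose table entry changed port at least `threshold` times."""
        return {mac: m for mac, m in self.moves.items() if len(m) >= threshold}


def run_constructed_trace():
    """Replay a constructed trace where one MAC is active on ports 1 and 3."""
    sw = LearningSwitch()
    owner, peer = "00:00:5e:00:53:01", "00:00:5e:00:53:02"
    trace = [                 # (ingress port, source MAC, destination MAC)
        (1, owner, peer),     # owner learned on port 1, peer unknown
        (2, peer, owner),     # reply goes to port 1
        (3, owner, peer),     # same MAC on port 3: entry moves 1 -> 3
        (2, peer, owner),     # reply now goes to port 3
        (1, owner, peer),     # real owner sends again: entry moves 3 -> 1
        (2, peer, owner),     # reply goes back to port 1
    ]
    delivered = [sw.receive(*frame) for frame in trace]
    return sw, delivered


if __name__ == "__main__":
    sw, delivered = run_constructed_trace()
    print("egress per frame:", delivered)
    for mac, moves in sw.flapping().items():
        print("flapping:", mac, moves)
```

Traffic for the duplicated MAC follows whichever port sent last, which is why the forgery is only stable while the real owner is silent, and why the move count is a useful alert signal.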