[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Let's talk about HTTPS Everywhere



On Mon, 24 Jan 2011 12:50:34 -0700
david wildgoose <david.wildgoose@gmail.com> wrote:

> On Mon, Jan 24, 2011 at 12:43 PM, Camaleón <noelamac@gmail.com> wrote:
> 
> > On Sun, 23 Jan 2011 23:21:20 -0500, Celejar wrote:
> >
> > > On Sat, 22 Jan 2011 13:37:20 -0600 "Boyd Stephen Smith Jr." wrote:
> > >
> > >> In <pan.2011.01.22.18.58.17@gmail.com>, Camaleón wrote:
> >
> > >> >I agree. Wired networks are not that exposed to these attacks.
> > >>
> > >> Not entirely true.  On a hubbed network, putting your network card into
> > >> promiscuous mode will allow you do see other's HTTP traffic and
> > >> "sidejack" them.  Even on a switched network, there may be a way to
> > >> fool the switch into giving you enough data from the HTTP traffic to
> > >> preform a "sidejack".
> > >
> > > I know very little about enterprise networking, but are hubs still in
> > > actual use today?
> >
> > Last time I had to make a "fine-grained" debugging operation over my
> > network using wireshark I had to "restore-to-life" an old (and dusty) hub
> > that came with our DSL device... back in 2000 :-P
> >
> >
> Port monitoring is something thats useful in troubleshooting network related
> problems on networks using switches, thought I think your switch needs to
> support it.

IIUC, you may be confusing two scenarios: with hubs, all traffic
always gets sent out to all connected systems, so monitoring is
straightforward. With switches, traffic is normally sent only to the
target hosts, so to monitor general network traffic from a specific
host, mirroring is needed, and it is indeed a special feature of some
switches:

http://en.wikipedia.org/wiki/Port_mirroring

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


Reply to: