Re: switch jamming

From: Blue Boar (BlueBoarat_private)
Date: Thu Jan 31 2002 - 08:15:24 PST

Next message: Toni Heinonen: "RE: switch jamming"

Previous message: Alexander: "RE: switch jamming"
In reply to: Anthony Gruppuso: "RE: switch jamming"
Next in thread: ALoR: "Re: switch jamming"
Next in thread: Toni Heinonen: "RE: switch jamming"
Reply: ALoR: "Re: switch jamming"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Anthony Gruppuso wrote:
> 
> Does anybody know of any switches that can protect against this type of
> attack, or is virtually every switch affected?  I imagine this is "old
> news," so what have vendors done to counteract this type of activity?
> 

The Cisco switches at least can be secured against this, if you can
live with the inconvenience.  If you have one machine per port, you
can configure the switch to learn the first MAC address it sees,
and then not accept frames from any other address.  This means
that you can't move machines around or changes NICs without the
switch admin resetting the MAC address for the affected ports.  It also
means that you can't chain multiple machines off of any ports
configured that way, say via a hub.

					BB

Next message: Toni Heinonen: "RE: switch jamming"
Previous message: Alexander: "RE: switch jamming"
In reply to: Anthony Gruppuso: "RE: switch jamming"
Next in thread: ALoR: "Re: switch jamming"
Next in thread: Toni Heinonen: "RE: switch jamming"
Reply: ALoR: "Re: switch jamming"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 31 2002 - 08:34:52 PST