Re: DoS of LAN via D-Link switches
From: Neil Watson (bugtraq_at_watson-wilson.ca)
Date: 03/30/05
- Previous message: Paul J Docherty: "RE: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS"
- In reply to: Tarmo Mamers: "Re: DoS of LAN via D-Link switches"
- Next in thread: Joel Maslak: "Re: DoS of LAN via D-Link switches"
- Reply: Joel Maslak: "Re: DoS of LAN via D-Link switches"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 30 Mar 2005 09:21:14 -0500 To: bugtraq@securityfocus.com
From: Frank Bures [mailto:lisfrank@chem.toronto.edu]
Sent: Tuesday, March 29, 2005 4:41 AM
> In my opinion, a switch should be immune to this admittedly insane
> manipulation. Otherwise, one can DoS the entire network just
> by shorting
> two RJ-45 network outlets in one's office together.
I believe what you are describing is officially called a bridge loop. A
bridge loop occurs when a switch, or stack of switches are plugged into
themselves. The result is that the switches report the same MAC address
at multiple ports. The solution to this is called Spanning Tree
Protocol. STP is a set of algorithms that help switches remove
redundant MAC entries.
Reference:
http://www.oreillynet.com/pub/a/network/2001/03/30/net_2nd_lang.html
-- Neil Watson | Gentoo Linux Network Administrator | Uptime 12 days http://watson-wilson.ca | 2.6.11.4 AMD Athlon(tm) MP 2000+ x 2
- Previous message: Paul J Docherty: "RE: Portcullis Security Advisory 05-011 ACPI 1.6 BIOS"
- In reply to: Tarmo Mamers: "Re: DoS of LAN via D-Link switches"
- Next in thread: Joel Maslak: "Re: DoS of LAN via D-Link switches"
- Reply: Joel Maslak: "Re: DoS of LAN via D-Link switches"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
