RE: unswitched behavior of a switched network...



All,

I've let the last few posts on this subject today go through (you'll be
seeing them hit your inbox shortly) but unless this steers back toward a
pen-test focused discussion I'll reject further posts. The topic is
interesting and has covered a lot of routing concepts and aspects but this
is a pen-testing list and not Cisco support :)

Thanks,

--
Erin Carroll
Moderator
SecurityFocus pen-test list
"Do Not Taunt Happy-Fun Ball"


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Jon Hart
Sent: Monday, October 16, 2006 2:54 PM
To: Buz Dale
Cc: Krugger; pen-test@xxxxxxxxxxxxxxxxx
Subject: Re: unswitched behavior of a switched network...

On Mon, Oct 16, 2006 at 03:55:43PM -0400, Buz Dale wrote:
I can think if a couple of possibilities. 1) This is
broadcast/multicast traffic. 2) The mac addresses are unknown to the
switch (So it will flood to find them.) 3) The port could be a trunk
or a mirror of a trunk.

I am also seeing normal broadcast/multicast traffic, but that is to be
expected. #3 is not the case here.

As for #2, thats kinda where I was going with my original question --
why would a switch that is processing a session between two endpoints
suddently forget the MAC? Yes, there are timeouts in play here, but
aren't those along the lines of several minutes?

Thanks,

-jon

-----------------------------------------------------------------------
-
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701
600000008bOW
-----------------------------------------------------------------------
-


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



Relevant Pages

  • Re: When cat comes chasing...
    ... >The connection between the two buildings has been recently upgraded to 100 ... I reset any switch, the problem gets resolved. ... >Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • Re: Misdirection ploys are dishonest
    ... example of an alleged "switch" by the DI, ... ...for Ron O, and the above is no exception. ... has to look at the open ended posts to know who is running and lying. ... what category blaming the victims of the ID scam comes under but only ...
    (talk.origins)
  • Re: Tech: Gottlieb 4 Square score motor
    ... I can post pictures of the 4-Square score motor switches if you ... level C is a punched steel cam disc with 3 sets of detents 120 degrees ... posts that stick up into levels D and E, ... position of the switch location. ...
    (rec.games.pinball)
  • Re: G5 Date and Time Issue
    ... whenever I switch it back on after switching it off the night before, ... Have you examined the system log to see if any hardware errors are ... Send responses to the relevant news group rather than to me, ... Use a real news client if you want me to see your posts. ...
    (comp.sys.mac.system)
  • Re: second power supply
    ... You don't read the complete posts or if you do you don't fully understand what is said then you argue. ... "I flipped the on-off switch on the external, supplemental, power supple to on but that power supple did not turn-on." ... |>> wire to the ground wire, do some searching on the net and you should ...
    (microsoft.public.windowsxp.general)