RE: Can an ethernet bridge be detected ?



listbounce@xxxxxxxxxxxxxxxxx wrote on 2011-07-15 19:47:42:

From: ijk1137 <ijk1137@xxxxxxxxx>
To: security-basics@xxxxxxxxxxxxxxxxx
Date: 2011-07-18 11:55
Subject: Can an ethernet bridge be detected ?
Sent by: listbounce@xxxxxxxxxxxxxxxxx

Hi,

I'm wondering when I setup an ethernet bridge like this:

.--------------.            .---------.            .------.
|workstation pc|------------|bridge pc|------------|router|---------internet
'--------------'        eth0'---------'eth1        '------'

-using these commands on 'bridge pc':
ifconfig eth0 0.0.0.0
ifconfig eth1 0.0.0.0
brctl addbr bridge0
brctl addif bridge0 eth0
brctl addif bridge0 eth1
ifconfig bridge0 up

Is there a way to detect this bridge? Is the 'bridge pc' totally
transparent / invisible from both sides?


By default, the bridge will send spanning-tree PDUs every two seconds on
each interface. These packets will have the bridge's MAC as a source, so
the workstation (or the router) running in promiscuous mode will detect
that the bridge is there.

Also, the router on your diagram may be set to automatically shut down
ports upon reception of BPDUs to prevent the insertion of rogue switches
(which are just multiport bridges).
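
The BPDU check described in the reply, as an added example that is not part of the original message: a parser that recognises 802.1D BPDUs among raw Ethernet frames and reports the sending bridge's MAC and hello time. The function names, the allowlist parameter and the sample frames are assumptions constructed for illustration; capturing the frames (promiscuous sniffer or pcap) is assumed to happen elsewhere.

```python
import struct

STP_GROUP_MAC = bytes.fromhex("0180c2000000")  # IEEE 802.1D bridge group address
LLC_STP = b"\x42\x42\x03"                      # DSAP 0x42, SSAP 0x42, control UI

def mac(raw):
    return ":".join(f"{x:02x}" for x in raw)

def parse_bpdu(frame):
    """Return a dict describing an 802.1D BPDU, or None if the frame is not one."""
    if len(frame) < 21:
        return None
    dst, src = frame[0:6], frame[6:12]
    length = struct.unpack("!H", frame[12:14])[0]   # 802.3 length, not an EtherType
    if dst != STP_GROUP_MAC or length > 1500 or frame[14:17] != LLC_STP:
        return None
    proto, version, btype = struct.unpack("!HBB", frame[17:21])
    if proto != 0:
        return None
    info = {"sender_mac": mac(src), "version": version, "type": btype}
    if btype in (0x00, 0x02) and len(frame) >= 52:  # configuration or RST BPDU
        (_flags, root_prio, root_mac, _cost, br_prio, br_mac, _port,
         _age, _max_age, hello, _fwd) = struct.unpack("!BH6sIH6sHHHHH", frame[21:52])
        info.update(root_id=f"{root_prio}/{mac(root_mac)}",
                    bridge_id=f"{br_prio}/{mac(br_mac)}",
                    hello_seconds=hello / 256)      # timers are in 1/256 s units
    return info

def unexpected_bridges(frames, known_bridges=()):
    """Map sender MAC -> first BPDU seen, for senders not on the allowlist."""
    seen = {}
    for frame in frames:
        bpdu = parse_bpdu(frame)
        if bpdu and bpdu["sender_mac"] not in known_bridges:
            seen.setdefault(bpdu["sender_mac"], bpdu)
    return seen

# Constructed sample frames (not captured traffic).
_BRIDGE = bytes.fromhex("0200000000aa")
SAMPLE_BPDU = (STP_GROUP_MAC + _BRIDGE + struct.pack("!H", 38) + LLC_STP +
               struct.pack("!HBBBH6sIH6sHHHHH", 0, 0, 0, 0, 32768, _BRIDGE, 0,
                           32768, _BRIDGE, 0x8001, 0, 20 * 256, 2 * 256, 15 * 256))
SAMPLE_ARP = b"\xff" * 6 + bytes.fromhex("0200000000bb") + b"\x08\x06" + bytes(28)

if __name__ == "__main__":
    for sender, bpdu in unexpected_bridges([SAMPLE_ARP, SAMPLE_BPDU]).items():
        print(sender, bpdu)
```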


