Re: switch jamming
From: Blue Boar (BlueBoar@thievco.com)Date: 01/31/02
- Previous message: Alexander: "RE: switch jamming"
- In reply to: Anthony Gruppuso: "RE: switch jamming"
- Next in thread: ALoR: "Re: switch jamming"
- Next in thread: Toni Heinonen: "RE: switch jamming"
- Reply: ALoR: "Re: switch jamming"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 31 Jan 2002 08:15:24 -0800 From: Blue Boar <BlueBoar@thievco.com> To: Anthony Gruppuso <AGruppus@jcals.army.mil>
Anthony Gruppuso wrote:
>
> Does anybody know of any switches that can protect against this type of
> attack, or is virtually every switch affected? I imagine this is "old
> news," so what have vendors done to counteract this type of activity?
>
The Cisco switches at least can be secured against this, if you can
live with the inconvenience. If you have one machine per port, you
can configure the switch to learn the first MAC address it sees,
and then not accept frames from any other address. This means
that you can't move machines around or changes NICs without the
switch admin resetting the MAC address for the affected ports. It also
means that you can't chain multiple machines off of any ports
configured that way, say via a hub.
BB
- Previous message: Alexander: "RE: switch jamming"
- In reply to: Anthony Gruppuso: "RE: switch jamming"
- Next in thread: ALoR: "Re: switch jamming"
- Next in thread: Toni Heinonen: "RE: switch jamming"
- Reply: ALoR: "Re: switch jamming"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
