Date:      Wed, 20 Dec 2000 10:02:43 -0600
From:      "Chuck Rock" <carock@epconline.net>
To:        <security@FreeBSD.ORG>, <questions@FreeBSD.ORG>
Subject:   RE: What anti-sniffer measures do i have? 
Message-ID:  <000301c06a9e$49383010$1805010a@epconline.net>
In-Reply-To: <007001c06a80$9fac4800$0c00a8c0@ipform.ru>

I use Intel 460T standalone switches, and they have the ability to keep the
database from learning new MAC addresses, and you can manually program the
MAC addresses to each port.

This is much safer than the default configuration, but it takes a lot of the
convenience of the switches' ability to handle changes.

I'm not necessarily saying they are better than others; I don't like some of
the features they have, and I haven't tried many other switches.

I could go either way for security or convenience, but most networks don't
change like mine does, so the call would be up to the person that has to
maintain those switch databases, and what tools are available to automate
that process. Any "good" SNMP software would probably suffice in allowing
you to remotely make database changes, and monitor the switches as well.
Another nice thing with these is they have the ability to use BOOTP so the
configs can be centrally located.

Chuck

> -----Original Message-----
> From: Artem Koutchine [mailto:matrix@ipform.ru]
> Sent: Wednesday, December 20, 2000 6:30 AM
> To: Vladimir Mencl, MK, susSED; David Talkington
> Cc: Chuck Rock; security@FreeBSD.ORG; questions@FreeBSD.ORG
> Subject: Re: What anti-sniffer measures do i have?
>
>
> N/A for Windows. Only for UNIX. So, not usable in heterogeneous
> networks.
>
> ----- Original Message -----
> From: "Vladimir Mencl, MK, susSED" <mencl@nenya.ms.mff.cuni.cz>
> To: "David Talkington" <dtalk@prairienet.org>
> Cc: "Chuck Rock" <carock@epconline.net>; <security@FreeBSD.ORG>;
> <questions@FreeBSD.ORG>
> Sent: Wednesday, December 20, 2000 3:23 PM
> Subject: RE: What anti-sniffer measures do i have?
>
>
> > On Tue, 19 Dec 2000, David Talkington wrote:
> >
> > > Far as I know, hard-coding an arp table is the only way to prevent
> > > that sort of thing ... someone please correct me if I'm wrong?
> >
> > Hardcoding the ARP table both in the switch and in every computer "to be
> > protected" in the network. Every computer would have to know both IP and
> > ethernet address of at least the router, the nameserver and all
> > computers it connects to.
> >
> > Will it be enough?
> >
> > ...putting the switch into a mode like "use only-and-only this hardcoded
> > arp-table"....
> >
> >
> >
> > Vladimir Mencl
> >
> >
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-questions" in the body of the message
> >
>
>
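
An added example, not part of the original thread: once the router and nameserver entries are hard-coded as discussed above, a host can audit its ARP table against that pinned list. The pinned addresses, the function names and the sample text (written in the style of BSD `arp -an` output) are all constructed for illustration.

```python
import re

# Constructed pinned table: the hosts the thread says each machine must know.
PINNED = {
    "10.1.5.1": "00:a0:c9:11:22:33",   # router
    "10.1.5.2": "00:a0:c9:44:55:66",   # nameserver
}

# Constructed sample in the style of BSD `arp -an` output.
SAMPLE = """\
? (10.1.5.1) at 0:a0:c9:11:22:33 on fxp0 permanent [ethernet]
? (10.1.5.2) at 00:d0:b7:aa:bb:cc on fxp0 expires in 1180 seconds [ethernet]
? (10.1.5.24) at 00:d0:b7:aa:bb:cc on fxp0 expires in 1195 seconds [ethernet]
? (10.1.5.30) at (incomplete) on fxp0 [ethernet]
"""

LINE = re.compile(r"\((?P<ip>[\d.]+)\) at (?P<mac>[0-9a-fA-F:]+)(?P<rest>.*)")

def norm_mac(mac):
    """Lower-case and zero-pad each octet so 0:a0:... equals 00:a0:..."""
    return ":".join(o.zfill(2) for o in mac.lower().split(":"))

def parse(text):
    """Return {ip: (mac, is_permanent)}, skipping unresolved entries."""
    table = {}
    for line in text.splitlines():
        m = LINE.search(line)
        if m:
            table[m["ip"]] = (norm_mac(m["mac"]), "permanent" in m["rest"])
    return table

def audit(text, pinned=PINNED):
    """List findings: wrong MAC, pinned entry still dynamic, MAC shared by IPs."""
    table, findings, owners = parse(text), [], {}
    for ip, want in pinned.items():
        mac, permanent = table.get(ip, (None, False))
        if mac and mac != norm_mac(want):
            findings.append(("mismatch", ip, mac))
        elif mac and not permanent:
            findings.append(("not-static", ip, mac))
    for ip, (mac, _) in table.items():
        owners.setdefault(mac, []).append(ip)
    for mac, ips in owners.items():
        if len(ips) > 1:
            findings.append(("shared-mac", ",".join(sorted(ips)), mac))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A "not-static" finding means the address is currently correct but the entry is still learned dynamically, so the pinning has not actually been applied on that host.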


