[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Raq3 admin & root passwords
- Subject: Re: [cobalt-users] Raq3 admin & root passwords
- From: jk@xxxxxxxxxxxx (Jens Kristian Søgaard)
- Date: Thu Apr 27 09:29:59 2000
Chris Adams <cmadams@xxxxxxxxxx> writes:
> > You would normally hook up equipment on a switch, which provides a new
> > physical segment for each connections.
> > I.e. promiscous NIC's don't have access to any data other than the
> > data destined for it's own IP.
> In an ideal world, yes. However, there are several problems with this.
> Say your server and my server were plugged into an ethernet switch.
> Every time there is an ARP request for your IP address, I could answer
> (and there are ways to make sure that _my_ answer is heard instead of
But there are also ways (on more advanced switches) to make sure, that
your answer is _not_ heard.
> Basically, a switch should NEVER be considered a security measure. If
Well, in some ways it is.
But wouldn't most ISPs notice if the broadcast traffic on a switch
suddenly jumped to 100% :-) ?
Anyways, I think it's a bit "way out" to really calculate with this
risk. Using ssh is secure enough.
--
Jens Kristian Søgaard,
jk@xxxxxxxxxxxx -- http://www.jksoegaard.dk/
Søger du noget? -- http://www.google.com/
echo|perl -ple'$_+=4E-6*!int rand()**2+rand()**2while$i++-1E6'