[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] security

Subject: Re: [cobalt-users] security
From: "Rick Ewart" <cobalt@xxxxxxxxx>
Date: Tue Feb 13 12:16:01 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> } Correct my thinking here but if you are hosting a raq in a colo or
dedicated
> } facility, and you telnet in with admin account, anyone with another
machine
> } can run a sniffer, see your admin password, use it to get to root, and
crack
> } your machine.
> } SSH only.
>
> You are right. Unless the network is segmented by a switch
> anyone with root access on any of the machines on that network can
> sniff all the packets on that network - including your packets.

Actually, I was just reading an article entitled "why your switched network
isn't safe from sniffers". Essentially, they have ways to defeat switches
partitioning the network. One of the ways I recall right now was to flood
the switch with more than 255 fake MAC addresses, causing the switch to fail
open and revert to acting like a hub, then sniffing. Or screwing with the
broadcasting of MAC addresses to the swtich and confusing it and/or having
double ones. The days of switched protection are gone. I can find the
article again if you are interested... Mail me off-list.

Rick Ewart

Follow-Ups:
- Re: [cobalt-users] security
  - From: elmer
- RE: [cobalt-users] security
  - From: Rodolfo Paiz

Prev by Date: [cobalt-users] Frontpage nonsense
Next by Date: Re: [cobalt-users] WANTED: RAQ Servers!
Previous by thread: [cobalt-users] Security
Next by thread: Re: [cobalt-users] security

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index