[4276] in North American Network Operators' Group
Re: customers and web servers and level one naps
daemon@ATHENA.MIT.EDU (Michael Dillon)
Tue Sep 10 18:08:58 1996
Date: Tue, 10 Sep 1996 15:03:28 -0700 (PDT)
From: Michael Dillon <michael@memra.com>
To: nanog@merit.edu
In-Reply-To: <3.0b15.32.19960910174434.00a15d18@pop.erols.com>

On Tue, 10 Sep 1996, Justin W. Newton wrote:
> >Therefore, you should only connect trusted pieces of equipment to a
> >level-2 media unless it is being used as a point-to-point media. Let's use
> >Ethernet as an example. If you connect a customer web server to an
> >Ethernet then they can sniff any traffic that goes by and possibly do
> >nasty things like spoofing. Even if they would never do such a thing they
> >may be hacked by somebody who would do such a thing. So it is not a good
> >idea to share a level 2 media in this way.
>
> The MAE's are switches. Unless you are sending super secret BROADCAST
> traffic the security implications you are mentioning are non-existent.

What about people hacking MAC addresses or screwing around with ARP and
BOOTP? He was asking about attaching a customer web server to the exchange
so presumably anything could be done on that box.

Michael Dillon - ISP & Internet Consulting
Memra Software Inc. - Fax: +1-604-546-3049
http://www.memra.com - E-mail: michael@memra.com
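
Added example, not part of the original message: a check a shared-segment operator could run over recorded ARP observations to flag the MAC and ARP tampering raised in the reply above. The binding table, switch port numbers, addresses and observation records are all constructed for illustration.

```python
# Assumed static registry of participants on the shared segment:
# IP -> (MAC, switch port). Constructed values (documentation IP range,
# locally administered MACs).
EXPECTED = {
    "192.0.2.1": ("02:00:00:00:00:01", 1),     # participant router A
    "192.0.2.2": ("02:00:00:00:00:02", 2),     # participant router B
    "192.0.2.10": ("02:00:00:00:00:10", 10),   # customer web server
}

# Constructed ARP observations: (switch port, source MAC, ARP sender IP).
OBSERVED = [
    (1, "02:00:00:00:00:01", "192.0.2.1"),
    (2, "02:00:00:00:00:02", "192.0.2.2"),
    (10, "02:00:00:00:00:10", "192.0.2.10"),
    (10, "02:00:00:00:00:10", "192.0.2.1"),    # port 10 claims router A's IP
    (10, "02:00:00:00:00:02", "192.0.2.2"),    # router B's MAC seen on port 10
    (3, "02:00:00:00:00:33", "192.0.2.33"),    # station not in the registry
]


def audit(observed, expected):
    """Return findings where an observation contradicts the registry."""
    findings = []
    for port, mac, ip in observed:
        if ip not in expected:
            findings.append(("unknown-ip", port, mac, ip))
            continue
        exp_mac, exp_port = expected[ip]
        if mac != exp_mac:
            # A different station is answering for a registered IP.
            findings.append(("ip-claimed-by-wrong-mac", port, mac, ip))
        elif port != exp_port:
            # The right MAC/IP pair, but sourced from another switch port.
            findings.append(("mac-on-wrong-port", port, mac, ip))
    return findings


if __name__ == "__main__":
    for kind, port, mac, ip in audit(OBSERVED, EXPECTED):
        print(f"{kind}: port={port} mac={mac} ip={ip}")
```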