[4291] in North American Network Operators' Group

Re: customers and web servers and level one naps

daemon@ATHENA.MIT.EDU (Justin W. Newton)
Wed Sep 11 12:00:58 1996

Date: Wed, 11 Sep 1996 12:09:48 -0400
To: Michael Dillon <michael@memra.com>, nanog@merit.edu
From: "Justin W. Newton" <justin@erols.com>

At 03:03 PM 9/10/96 -0700, Michael Dillon wrote:
>On Tue, 10 Sep 1996, Justin W. Newton wrote:
>
>> >Therefore, you should only connect trusted pieces of equipment to a
>> >level-2 media unless it is being used as a point-to-point media. Let's use
>> >Ethernet as an example. If you connect a customer web server to an
>> >Ethernet then they can sniff any traffic that goes by and possibly do
>> >nasty things like spoofing. Even if they would never do such a thing they
>> >may be hacked by somebody who would do such a thing. So it is not a good
>> >idea to share a level 2 media in this way.
>> 
>> The MAE's are switches.  Unless you are sending super secret BROADCAST
>> traffic the security implications you are mentioning are non-existent.
>
>What about people hacking MAC addresses or screwing around with ARP and
>BOOTP? He was asking about attaching a customer web server to the exchange
>so presumably anything could be done on that box. 

The same can be done with some routers.

Justin Newton
Internet Architect
Erol's Internet Services
