[40] in Resnet-Forum
secure hubs in dorms
daemon@ATHENA.MIT.EDU (lumm@spot.CC.Lehigh.EDU)
Mon Nov 8 10:56:48 1993
From: lumm@spot.CC.Lehigh.EDU
To: resnet-forum@MIT.EDU
Date: Mon, 8 Nov 1993 10:32:54 -0500 (EST)
Hello,
I'm new to the list so forgive me if this was discussed before.
We're going to shortly being installing 10base-T Ethernet in dorm
rooms here at Lehigh. Our question is whether it is worth the extra
initial expense and greater administartive effort to install 'secure'
hubs rather than standard 10base-T hubs. Secure hubs are the ones
that scramble traffic to a port if it is not destined for the Ethernet
address assigned to that port.
The reason we are considering this is because of the risk of Ethernet
snooping. Ethernet monitors are much cheaper these days, and there
are PD Ethernet snooping programs available which are quite effective
in fast machines with fast Ethernet cards. This plus the fact that
snooping is a passive activity which we can not discover. We will
have subnets separated by routers that will limit the snooping
activities to the local net, but even that is quite a bit of exposure.
What are other Universities doing about the Ethernet snooping factor?
Not worrying about it? Do you have a policy about students snooping
on each other's traffic, even though chances of actually catching
someone doing this is quite small? If you were going to start
installing dorm room nets today, would you use secure hubs?
thanks,
mark
--
-----------------------------------------------------------------------------
Mark Miller
Lead Network Analyst lumm@Lehigh.EDU
183 Computing Center, Bldg #8B lumm@spot.CC.Lehigh.EDU
Lehigh University
Bethlehem, PA 18015
-----------------------------------------------------------------------------
