> Somebody said, that there is way to fool but floodding it with weird
> arpa entries and the switch will fall back into hub mode. I wonder if it
> is true for all hubs and if I can use non SNMP controllable hub.

Think about how a hub works (or for that matter a switch). It has a
MAC address table of a certain finite size. If you send packets with
a MAC address which is not in the address table, the packet must be
transmitted on all ports (except the one it arrived on).

MAC addresses are learned as packets are received. Thus in many cases
you can force transmission on all ports by flooding the hub or switch
with lots of fake MAC addresses, thus flushing the real MAC addresses
from the table.

(A switch may have a MAC address table per port - but the original
argument still holds.)

Steinar Haug, Nethelp consulting, sthaugnethelp.no

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]