Network Security – Hub or Switch?



So, for those that have a little bit of knowledge about network hardware, you’ve probably heard this. “You can’t sniff switched networks”…. wrong…. let’s see what this is about. Older networking hardware was dominated by what’s called a hub. This was basically a “dumb” device that when it received data, it would retransmit the data to every machine connected with the expectation that the correct recipient would answer and all others would ignore that data. Of course, this stream of data is possible to watch and easily available software could log all network traffic fairly easily.


So, anything that is unencrypted could be captured and analyzed by any machine hooked up to a hub. But switches were supposedly smarter and some still think that a switch prevents network sniffing. A switch is supposed to know which machines are connected to which ports. So, data destined for machine A ONLY goes to machine A. This knowledge of what machine is where relies upon MAC addressing. So, this is susceptible to a number of attacks.

First, using easily available software, an attacking machine could flood the switch with bogus (false) MAC addresses, at which point the switch will likely give up and fallover to “hub” mode. Also, it’s possible to change the mac address of a network interface. This is another fairly easily available attack. The idea is that you duplicate the MAC address of the “target machine” and then both machines receive the same data from the switch.

There’s yet another approach though that has more interesting possibilities in the area of risk though. That is something called ARP spoofing (or arp poisoning.)

So, in short, switched networks can easily be sniffed.

Related Posts

Blog Traffic Exchange Related Posts
  • SSH, Proxies (Proxy's?), Tor and Web Browsing For quite some time I've been making use of a dd-wrt modified linksys box on my home network as an openvpn endpoint so that when I'm out and about in the world, I connect the vpn, switch firefox to route through a squid proxy server on the home network and......
  • Network Security guide for the home or small business network - Part 18 - What about Dialup Users? So, most everything so far has been targetted to high speed internet users or business networks. That means if I use dialup I'm safe. Wrong. For starters, in many ways dialup internet is LESS of a risk than high speed broadband for two main reasons. First, high speed/broadband connections are......
  • The basics Well to start out, this might should be crosslinked in the computer security section, but I'm putting it in commentary primarily to catch those who might not typically look at computer security. First, why should you care about keeping your computer secure? I've heard people ask something like this. Usually......
Blog Traffic Exchange Related Websites
  • SANS Network Security 2011 in Las Vegas, NV - Exclusive Promotion We have a new promotion exclusive to SANS Network Security 2011(Las Vegas, NV), September 17-26. ************************************ SANS Network Security 2011 Exclusive Promotion: Register for any applicable SANS Network Security 2011 full course and receive a free OnDemand bundle. ┬áPlease use promo code Conn_SecOrbOD when registering to receive the SANS OnDemand......
  • Save Heaps at Home Saving money on energy bills is something that appeals to everybody, young or old, single or married, rich or poor. Whatever your circumstances, you can benefit from the facilities available online to help you find cheaper energy deals. For example, if you compare energy prices at moneysupermarket, you could......
  • Wireless Broadband Internet-whether It Is LAN Or WAN Service-is Associated Having A Wireless broadband Internet-whether it is LAN or WAN service-is associated having a number of diverse myths. These typically center on security and need to do with anxiety about how info is transmitted over a wireless connection and, furthermore, need to do with concerns about eavesdropping, in several cases. You will......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site