At 03:03 PM 9/10/96 -0700, Michael Dillon wrote:

On Tue, 10 Sep 1996, Justin W. Newton wrote:

...

...

Therefore, you should only connect trusted pieces of equipment to a level-2 media unless it is being used as a point-to-point media. Lets use Ethernet as an example. If you connect a customer web server to an Ethernet then they can sniff any traffic that goes by and possibly do nasty things like spoofing. Even if they would never do such a thing they may be hacked by somebody who would do such a thing. So it is not a good idea to share a level 2 media in this way.

The MAE's are switches. Unless you are sending super secret BROADCAST traffic the security implications you are mentioning are non-existant.

What about people hacking MAC addresses or screwing around with ARP and BOOTP? He was asking about attaching a customer web server to the exchange so presumably anything could be done on that box.

The same can be done with some routers. Justin Newton Internet Architect Erol's Internet Services