Re: customers and web servers and level one naps
At 03:03 PM 9/10/96 -0700, Michael Dillon wrote:
On Tue, 10 Sep 1996, Justin W. Newton wrote:
Therefore, you should only connect trusted pieces of equipment to a level-2 media unless it is being used as a point-to-point media. Lets use Ethernet as an example. If you connect a customer web server to an Ethernet then they can sniff any traffic that goes by and possibly do nasty things like spoofing. Even if they would never do such a thing they may be hacked by somebody who would do such a thing. So it is not a good idea to share a level 2 media in this way.
The MAE's are switches. Unless you are sending super secret BROADCAST traffic the security implications you are mentioning are non-existant.
What about people hacking MAC addresses or screwing around with ARP and BOOTP? He was asking about attaching a customer web server to the exchange so presumably anything could be done on that box.
The same can be done with some routers. Justin Newton Internet Architect Erol's Internet Services
participants (1)
-
Justin W. Newton