| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <o2w85c7eb2d1004281426i78ba43ccp1d0cd10217490b29@mail.gmail.com> Date: Wed, 28 Apr 2010 17:26:09 -0400 From: "Jason T. Masker" <jason@...ker.net> To: bugtraq@...urityfocus.com Subject: Re: STP mitm attack idea Jann Horn <jannhorn@...glemail.com> wrote on 04/28/2010 12:20:55 PM: > From: > > Jann Horn <jannhorn@...glemail.com> > ... > If you had a WLAN-link, you could simplify that a lot - as far as I > understand, you are able to make the switches redirect the traffic to > your machines. > Anyway, this attack sounds like something a good switch can easily > prevent by having a list of "STP trusted ports" or something like that. > Doesn't that exist? Best practice is to implement layer 2 security mechanisms which would identify these ports as "access" ports and shut them down if any STP traffic was received through these interfaces. On Cisco equipment, this is known as BPDU guard. http://www.cisco.com/en/US/customer/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml
Powered by blists - more mailing lists