Hello, Most people believe that switches are secure because they are immune from sinffers. Vendors advertise this false security and admins take their word for it. We in the security community know differently. That is why I am starting something called the "Sinffable Switch Project." This project will consist of a maintained listing of switches - and relevant information about them - and if the switch is susceptible to being sniffed. The project's success will be contingent upon the community's participation. If you decided to participate, please include all information about the switch(es) you tested (e.g. manufacture, model, managed or unmanaged, how many ports, firmware/OS version, etc.). Please also include what you tested for - ARP spoofing, MAC flooding, MAC duplicating, or the like - and what the results were. For those of you that would like to contribute but are not exactly sure how to go about testing your switch(es), please refer to the following links: Papers: http://www.sans.org/newlook/resources/IDFAQ/switched_network.htm http://www.alaricsecurity.com/sniffer-v2.html Tools: http://ettercap.sourceforge.net http://www.monkey.org/~dugsong/dsniff The location for this project is at: http://www.alaricsecurity.com/ssp.html Please email results to: alaric@alaricsecurity.com Sincerely, Alaric
