On Fri, 13 Sep 2002 08:06:25 PDT, Joe Touch said: > Hosts with root can't snoop anything but broadcast UDP on switches > unless the switch is configurable; many switches aren't. Unfortunately, this isn't actually true - unless you've nailed down the switch with a hardwired MAC-address-per-port configuration, you can get it to cough up other people's data. The canonical "brute force" method is to simply flood the poor switch's ARP cache and sniff the traffic while it's learning. Snooping around the various repositories of such tools would find more subtle ways of doing it.... -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Attachment:
pgp00120.pgp
Description: PGP signature