Gary E. Miller wrote: > Yo Joe! > > On Fri, 13 Sep 2002, Joe Touch wrote: > > >>>Without a dobut you are right, though I think the degree of difference is >>>awful small. Through hosts with root on switches or through wireless into >>>the mix and you are back to being roughly equivalent. >> >>Hosts with root can't snoop anything but broadcast UDP on switches >>unless the switch is configurable; many switches aren't. > > root has no problem seeing adjacent UDP even on a switch. Just overflow the > arp cache or poison it. That all presumes the switch doesn't detect this as an attack and shutdown that link, which is an entirely reasonable reaction. Using a switch doesn't ensure security, but using multicast basically ensures promiscuity (since non-multicast capable switches are more common). joe