Great Circle Associates Firewalls
(February 1994)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Two security issues
From: dotytr @ nscultrix2 . network . com (Ted Doty)
Date: Thu, 24 Feb 94 14:19:11 CST
To: davew @ viper . gvg . tek . com, fletcher @ cs . utexas . edu
Cc: firewalls @ greatcircle . com, terry . yackel @ nsco . network . com

> -> A few weeks ago, in the wake of the CERT announcement, someone wrote:
> -> 
> -> > One of the simplest solutions for local snooping, though it costs real
> -> > dollars, is to replace 10Base5 networks, 10Base2 and 10BaseT hubs with
> -> > "smart hubs".  These hubs only send traffic destined for preconfigured
> -> > specific mac addresses and broadcast packets out each hub port.  You can
> -> > snoop all you want, but you won't see traffic unless it is destined for
> -> > you.
> -> 
> -> Can someone give me a product name and point me at a vendor which sells 
> -> such a hub?
> 
> Using the Cabletron hubs with the EMME management modules, you can
> lock down the ports so that if someone attempts to connect a device
> with a different MAC address onto a port, it won't communicate.  You
> can also set alarms so you know if someone has disconnected the
> device attached to a port.  There are lots of ways of watching over
> your network with smart hubs.  BTW, Cabletron can be reached at
> 603-332-9400.
>                   
The Bytex ethernet hub has a similar feature called "Intruder Guard",
where the hub can automatically drop a port where the MAC address
changes.  One nice feature is that when you set up the hub, you can
capture the address, rather than having to type it in.

Intruder guard works very nicely with NSC's Packet Control Facility,
where our router can verify the IP/MAC address pair, allowing end-to-end
authentication of datagrams within your network.

Bytex can be reached at (508) 366-0344 (Westboro MA) or via Netwqork
Systems in Minneapolis, (800) 328-9108.

- Ted

--------------------------------------------------------------------------
Ted Doty, Network Systems Corporation | phone:      +1 301 596-2270
8965 Guilford Road, Suite 250         | fax:        +1 410 381-3320
Columbia, MD, 21046 USA               | voice mail: (800) 233-1485
--------------------------------------------------------------------------
These opinions are my own, not necessarially those of Network Systems.

Indexed By Date Previous: Network systems Routers
From: tdn @ tdn . xyplex . com (Thomas D. Nadeau)
Next: Re: Network systems Routers
From: amolitor @ anubis . network . com (Andrew Molitor)
Indexed By Thread Previous: Re: Two security issues
From: smb @ research . att . com
Next: restricting Internet Access
From: Rens . Schipper @ rivm . nl (Rens Schipper)

Google
 
Search Internet Search www.greatcircle.com