On Fri, 16 Mar 2001 13:05:06 -0800, Mike Fedyk <[EMAIL PROTECTED]> wrote: >On Fri, Mar 16, 2001 at 09:24:56PM +0100, Marc Haber wrote: >> Please be aware, though, that the MAC address is trivial to forge >> nowadays. >Hmm, how does a switch deal with the same mac address coming from two ports >at the same time?
It will probably flap. MAC address forging will only work if the host that owns the forged MAC is switched off or disabled in some other way. >Does that mean that we've lost the added security from ethernet switches? I >can see that if a switch was fooled into sending traffic to two ports that >could be a security problem, if security depends on the switching function. Using a non-VLANned switch for security is a bad idea IMO. Greeetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15 Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
