Mike McCarty wrote:
John Stumbles wrote:
What do you mean "Cannot act as a bridge"?
A switch uses MAC addresses for ascertaining where to forward
a message. It is unaware of IP addresses, so it cannot connect
different nets.
Yup. That's bridging, defined in 802.1d
http://www.ieee802.org/1/pages/802.1D.html
And what do you mean by 'not secure'?
No firewall. Any message sent to a given MAC is delivered to
it. There is no concept of LAN side vs WAN side.
OK. from a different POV they _are_ secure: unlike a hub (repeater)
which sends every packet to all connected ports switches only forward
[1]packets to their destination ports. This is more secure as traffic
cannot be sniffed by stations on other ports[2]. Which just goes to show
that 'security' is not a simple quality of which one can have more or
less (like money) but a set of qualities.
John Stumbles
[1] non-broadcast
[2] bar certain exploits such as MAC flood attacks
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
