On Wed, 21 Jul 1999, Matthew Dillon wrote:
> :Perhaps I'm missing something obvious, but since switches forward packets
> :selectively per port, I would think it would be hard to sniff packets on
> :any port, w/o administrative access to the switch to tell it to mirror
> :data to a different port.
> :
> :ie, if I'm plugged into port 1, I can't see traffic on a switch on port 2
> :except for broadcast traffic...
>
> The switch routes traffic based on its ARP cache. While you cannot
> easily monitor another port's traffic, you can take over its MAC address
> and steal its traffic.
No idea, all I know is that people on our LAN without changing MAC
addresses can see all traffic going on the LAN. Even from our FreeBSD box
with trafshow, we can see traffic that is destined for the global net from
the modem dialups.
Cheers,
Vince - vi...@mcestate.com - vi...@gaianet.net ________ __ ____
Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ]
GaiaNet Corporation - M & C Estate / / / / | / | __] ]
Beverly Hills, California USA 90210 / / / / / |/ / | __] ]
HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]
To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-hackers" in the body of the message
