[Dshield] Internal LAN protection
Johannes B. Ullrich
jullrich at euclidian.com
Sat Nov 24 03:50:59 GMT 2001
> There are commercial all-in-one boxes that will do the trick too, and
> they are a lot cheaper than a PC. I myself use a 4-port box from

I don't know about the ZyXEL devices. But please do not mix up a $100
Linksys router / switch with a serious firewall.

Most (not just cheap) switches are vulnerable to ARP spoofing. Whoever
claims that such a switch is more secure than a hub hasn't spent enough
time playing with toys like hunt or ettercap.

Also, switches do not limit communications between the ports. You need a
switch that looks at least at the IP layer to do much good.

jullrich at sans.org Join http://www.DShield.org
Distributed Intrusion Detection System