[unisog] Network security police no hubs/switches/routers?

Julian Y. Koh kohster at northwestern.edu
Mon May 23 17:43:27 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 09:29 -0400 05/23/2005, Vijay S Sarvepalli VSSARVEP wrote:
>anybody have a lay man explanation in their policy
>about "Why hubs/routers are not allowed on the campus network?"

#1 is security, which is apropos given the mailing list here.  Those types of
devices enable others to more easily sniff traffic that is more secure in a
non-extended network.

#2 is operational integrity.  This is not as important in the days of
switches as opposed to hubs, but there are definite limits on how many
repeaters and the like that you can sustain in a collision domain, as well as
overall network diameter.  We have also seen malfunctioning hublets and other
devices spewing bad traffic that takes down parts of the network.  Finally,
in the case of routers, I'm sure we've all seen rogue DHCP servers perform
rather effective DOS actions by handing out bad IP addresses.


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html>

iQA/AwUBQpIILw5UB5zJHgFjEQJoTwCgg/ukF0u+FpKaic4OwnKDbvFokLcAoPDR
roLaa8IQQGvNHIXzA/mQijLV
=my+T
-----END PGP SIGNATURE-----

-- 
Julian Y. Koh                         <mailto:kohster at northwestern.edu>
Network Engineer                                   <phone:847-467-5780>
Telecommunications and Network Services         Northwestern University
PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>


More information about the unisog mailing list