[unisog] Network security police no hubs/switches/routers?
liukang at bjut.edu.cn
Tue May 24 00:13:40 GMT 2005
> #1 is security, which is apropos given the mailing list here. Those types
> devices enable others to more easily sniff traffic that is more secure in
> non-extended network.
Why? It would only make sniffing traffic that connected to their own devices
easier, if in a pure switched campus network.
> I'm sure we've all seen rogue DHCP servers perform
> rather effective DOS actions by handing out bad IP addresses.
That is true; boring rogue DHCP servers...but DHCP snooping will avoid this
I do not agree on non-extended policy, I do not think it could enhance the
security of network, but it may affect the easy of use greatly.
More information about the unisog