North American Network Operators Group


Re: customers and web servers and level one naps

  • From: Justin W. Newton
  • Date: Tue Sep 10 17:38:39 1996

At 11:30 AM 9/10/96 -0700, Michael Dillon wrote:
>On Tue, 10 Sep 1996, Srinivasarao Mulugu wrote:
>
>> I know we do, Michael. And I have "their" answer. But they may not have 
>> the same experiences you did.
>
>> > > Have you had much experience, having the servers connect directly on to a
>> > > level-2 device like a FDDI-to Ethernet (e.g. catalyst) connector ? and its
>> > > security implications ?
>
>It's not a matter of experience. It's a matter of what a level-2 device is
>and how it normally works. There is no security at level 2.
>
>Therefore, you should only connect trusted pieces of equipment to a
>level-2 media unless it is being used as a point-to-point media. Let's use
>Ethernet as an example. If you connect a customer web server to an
>Ethernet then they can sniff any traffic that goes by and possibly do
>nasty things like spoofing. Even if they would never do such a thing they
>may be hacked by somebody who would do such a thing. So it is not a good
>idea to share a level 2 media in this way.

The MAE's are switches.  Unless you are sending super secret BROADCAST
traffic the security implications you are mentioning are non-existent.

Justin Newton
Internet Architect
Erol's Internet Services