|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Some very strange network behaviors
Mike Lewinski wrote: > > Christopher Bird wrote: > > > This seems strange to me since they are arriving at an IP address that > > is different from mine. > > That's the function of a hub, and the reason why you don't ever want to > send out sensitive information in plaintext. Your neighbor in the next > room over could run a packet sniffer and capture your logins. Yes and no. On a broadcast network, like Ethernet, you expect to see traffic for other hosts. The issue here is that it looks like the traffic for these other hosts was getting delivered to Christopher's link-layer address. If he kicks his NIC into promiscuous mode and sees all of this traffic with a sniffer, then this is expected. That's the scenario you highlight. If, OTOH, he's sitting there and traffic for other IP addresses is getting delivered to his NIC with the NIC's MAC address in there, something strange is going on. Unless he has his NIC switched to promiscuous mode and the OS's IP stack is misbehaving badly, Zone Alarm should not see the traffic on the LAN that does not have his MAC address on it. How would a switch/router be deciding that these other IP addresses should go to his PC's NIC (MAC address)? -- Crist J. Clark [email protected] Globalstar Communications (408) 933-4387
|