HP 635n Practical IPsec Deployment for Printing and Imaging Devices - Page 16

Too Easy: The Mirror Port

Figure 14 - Flood Open Part 2

Using the method in this section, physical access to the networking equipment was not needed and our attacker Jane was able to obtain the documents sent to and from the MFP.

Too Easy: The Mirror Port

Well, you may have read the last section and said: “This isn’t a problem for me because all of my Ethernet switching equipment does not flood open. Instead, when the Switch MAC Table fills up, the switch simply discards packets to prevent this type of situation from happening. Since Jane cannot use MAC address flooding, I’m quite safe from any passive sniffing”. Not True! In this section, we are going to cover another way Jane could have captured the data. We will continue to use Wireshark and a tool that comes with most Microsoft Windows operating systems: Telnet.

Many network administrators value the ability to use network sniffing as a way of troubleshooting normal networking problems. The initial influx of Ethernet switches made it harder and harder to do network sniffing. As a result, Ethernet switches often include an option that allows them to be configured to “mirror” a port to another port to enable sniffing. Refer to Figure 15 – Mirror Port.
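An added example, not part of the HP document: a defender-side check that scans a saved switch configuration for the mirror option described above and for management lines that still accept Telnet. The Cisco IOS-style syntax (`monitor session`, `line vty`, `transport input`), the function names and the sample configuration are assumptions constructed for illustration; the page names no switch vendor.

```python
import re

# Constructed sample configuration (Cisco IOS-style syntax is an assumption).
SAMPLE_CONFIG = """\
hostname floor2-sw1
interface GigabitEthernet0/7
 description MFP
!
monitor session 1 source interface GigabitEthernet0/7 both
monitor session 1 destination interface GigabitEthernet0/23
monitor session 2 source interface GigabitEthernet0/3 rx
!
line vty 0 4
 transport input telnet ssh
line vty 5 15
 transport input ssh
"""

MONITOR = re.compile(r"^monitor session (\d+) (source|destination) interface (\S+)", re.I)
VTY = re.compile(r"^line vty \d+")
TRANSPORT = re.compile(r"^\s+transport input (.+)$")

def audit(config):
    """Return (mirror sessions by id, vty lines that accept Telnet)."""
    sessions, telnet_lines, current_vty = {}, [], None
    for line in config.splitlines():
        m = MONITOR.match(line)
        t = TRANSPORT.match(line)
        if m:
            entry = sessions.setdefault(int(m.group(1)), {"source": [], "destination": []})
            entry[m.group(2).lower()].append(m.group(3))
        elif VTY.match(line):
            current_vty = line.strip()
        elif t and current_vty:
            protos = t.group(1).lower().split()
            if "telnet" in protos or "all" in protos:
                telnet_lines.append(current_vty)
        if not line.startswith(" ") and not VTY.match(line):
            current_vty = None  # an unindented line ends the vty block
    return sessions, telnet_lines

def active_mirrors(sessions):
    """Only sessions with both a source and a destination copy traffic."""
    return {sid: s for sid, s in sessions.items() if s["source"] and s["destination"]}

if __name__ == "__main__":
    found, telnet = audit(SAMPLE_CONFIG)
    for sid, s in active_mirrors(found).items():
        print(f"mirror session {sid}: {s['source']} -> {s['destination']}")
    for vty in telnet:
        print(f"Telnet accepted on: {vty}")
```

Any mirror session that does not correspond to a documented troubleshooting task, especially one whose source is the MFP's port, is worth investigating.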