HP 635n Practical IPsec Deployment for Printing and Imaging Devices - Page 16
Too Easy: The Mirror Port
UPC - 882780301016
View all HP 635n manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 16 highlights
Figure 14 - Flood Open Part 2 Using the method in this section, physical access to the networking equipment was not needed and our attacker Jane was able to obtain the documents sent to and from the MFP. Too Easy: The Mirror Port Well, you may have read the last section and said: "This isn't a problem for me because all of my Ethernet switching equipment does not flood open. Instead, when the Switch MAC Table fills up, the switch simply discards packets to prevent this type of situation from happening. Since Jane cannot use MAC address flooding, I'm quite safe from any passive sniffing". Not True! In this section, we are going to cover another way Jane could have captured the data. We will continue to use Wireshark and a tool that comes with most Microsoft Windows operating systems: Telnet. Many network administrators value the ability to use network sniffing as a way of troubleshooting normal networking problems. The initial influx of Ethernet switches made it harder and harder to do network sniffing. As a result, Ethernet switches often include an option that allows them to be configured to "mirror" a port to another port to enable sniffing. Refer to Figure 15 - Mirror Port. 16