[K12OSN] Tuning LTSP Performance
Terrell Prude' Jr.
microman at cmosnetworks.com
Sat Aug 30 21:20:49 UTC 2008
Les Mikesell wrote:
> Terrell Prude' Jr. wrote:
>>
>>> Cool that's a good idea. But in any case, even without managed
>>> switches, if everyone all of a sudden loses their X sessions what's the
>>> point of sniffing?
>>>
>>
>> Sniffing's a different discussion. ARP spoofing's more of a
>> man-in-the-middle and/or denial-of-service attack.
>>
>
> There are variations where you spoof a MAC address to the switch so it
> sends you some packets intended for a different port, but TCP retries
> will soon send another copy that keeps the original destination from
> noticing that anything is wrong.
>
True. That's what I meant about degrading the X11 connection earlier,
due to the TCP retries. It is effectively a "somewhat nicer" DoS
attack. You'll probably notice it more if you're playing something like
TuxType.

Port security on the switch can help deal with this issue if it becomes
a problem operationally. Personally, that's what I like to do when
Layer 8 lets me do it--physically secure the LTSP server, and do port
security on the switch ports to help mitigate this sort of thing.

--TP
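
An added example, not part of the original message: a small detector for the symptom discussed above, where one MAC address keeps moving between switch ports because a second host is sourcing frames with it. The event format, the addresses, the port names and the `find_flapping` helper are all assumptions made for illustration; real input would come from whatever MAC-table or port-security notifications your switch provides.

```python
from collections import defaultdict

# Constructed sample data: (seconds, source MAC, switch port) learn events,
# in a generic format rather than any vendor's log syntax.
SAMPLE_EVENTS = [
    (0, "00:16:3e:aa:00:01", "port1"),    # LTSP server on its own port
    (1, "00:16:3e:aa:00:02", "port2"),    # thin client
    (5, "00:16:3e:aa:00:01", "port7"),    # server MAC learned on a client port
    (6, "00:16:3e:aa:00:01", "port1"),    # real server transmits, entry moves back
    (9, "00:16:3e:aa:00:01", "port7"),
    (10, "00:16:3e:aa:00:01", "port1"),
    (400, "00:16:3e:aa:00:02", "port3"),  # single move: client was replugged
]


def find_flapping(events, window=60, min_moves=3):
    """Return {mac: sorted ports it moved between} for every MAC that
    changed port at least min_moves times within window seconds."""
    last_port = {}
    move_times = defaultdict(list)   # mac -> timestamps of port changes
    ports = defaultdict(set)         # mac -> ports involved in those changes
    for ts, mac, port in sorted(events):
        mac = mac.lower()
        prev = last_port.get(mac)
        if prev is not None and prev != port:
            move_times[mac].append(ts)
            ports[mac].update((prev, port))
        last_port[mac] = port

    flagged = {}
    for mac, times in move_times.items():
        start = 0
        for end in range(len(times)):
            # Shrink the window until it spans at most `window` seconds.
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= min_moves:
                flagged[mac] = sorted(ports[mac])
                break
    return flagged


if __name__ == "__main__":
    for mac, where in find_flapping(SAMPLE_EVENTS).items():
        print(f"{mac} is flapping between {', '.join(where)}")
```

A single move, such as a client being replugged, stays below the default threshold; port security on the access ports is what stops the moves from being accepted in the first place.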