[K12OSN] Tuning LTSP Performance
Terrell Prude' Jr.
microman at cmosnetworks.com
Sat Aug 30 16:38:20 UTC 2008
Robert Arkiletian wrote:
> On Fri, Aug 29, 2008 at 9:00 PM, Terrell Prude' Jr.
> <microman at cmosnetworks.com> wrote:
>
>> Almquist Burke wrote:
>>
>>>
>>> On Aug 29, 2008, at 9:54 PM, Robert Arkiletian wrote:
>>>
>>>> Here is my question:
>>>>
>>>> Since X traffic is sent unencrypted, how is someone supposed to
>>>> intercept the packets (containing keyboard input) if using a switch
>>>> that only sends packets to their destination? So you can only sniff
>>>> yourself. (Hmm, did I just say that?) IF you are sitting at the
>>>> server ALL local traffic goes through eth0. BUT you need root access
>>>> to read those packets, don't you? So again how is direct X traffic a
>>>> vulnerability?
>>>>
>>>> The only way I can think is if, as Terrell said, you have control of
>>>> the switch and you enable port mirroring.
>>>>
>>>>
>>> ARP poisoning? All they need is access to the network on a machine with
>>> raw socket capabilities.
>>>
>> That's what port security is for, which most managed switches do support.
>> Just tell your switch to allow the LTSP server's MAC address only from that
>> one port. Any yahoo that comes along that tries any monkey business like
>> that will get his port shut down right then and there. If your switch
>> supports it, you can tell it to just disable the port for, say, two hours,
>> and then have it re-enable the port after that period.
>>
>>
>
> Cool, that's a good idea. But in any case, even without managed
> switches, if everyone all of a sudden loses their X sessions, what's the
> point of sniffing?
>
Sniffing's a different discussion. ARP spoofing's more of a
man-in-the-middle and/or denial-of-service attack.
--TP
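
The port-security behaviour described in the message above, as an added example that is not part of the original thread or any switch vendor's code: a small Python model of a switch that pins the LTSP server's MAC address to one port, shuts down any other port that sends frames with that source MAC, and re-enables it after two hours. The class name, port numbers and MAC addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

HOLD_SECONDS = 2 * 60 * 60  # the "say, two hours" from the message above


@dataclass
class PortSecurity:
    """Toy model (hypothetical, not a vendor API) of MAC-to-port pinning."""
    pinned_mac: str            # LTSP server MAC, lowercase (constructed below)
    pinned_port: int           # port the server is really plugged into
    hold: int = HOLD_SECONDS
    disabled_until: dict = field(default_factory=dict)  # port -> re-enable time

    def frame(self, now: int, port: int, src_mac: str) -> str:
        """Decide what happens to one frame: forward, drop or shutdown."""
        until = self.disabled_until.get(port)
        if until is not None:
            if now < until:
                return "drop"              # port is still shut down
            del self.disabled_until[port]  # hold time expired: re-enable
        if src_mac.lower() == self.pinned_mac and port != self.pinned_port:
            self.disabled_until[port] = now + self.hold
            return "shutdown"              # server MAC seen on the wrong port
        return "forward"


def replay(events, switch):
    """Run (time, port, src_mac) events through the model, collecting decisions."""
    return [(t, port, switch.frame(t, port, mac)) for t, port, mac in events]


# Constructed sample traffic: the server sits on port 1, a thin client on port 7.
SERVER_MAC = "00:16:3e:00:00:01"
CLIENT_MAC = "00:16:3e:00:00:07"
EVENTS = [
    (0,    1, SERVER_MAC),   # genuine server frame
    (10,   7, CLIENT_MAC),   # ordinary client frame
    (20,   7, SERVER_MAC),   # port 7 sends with the server's MAC as source
    (30,   7, CLIENT_MAC),   # dropped: port 7 is shut down
    (7300, 7, CLIENT_MAC),   # more than two hours later the port is back
]

if __name__ == "__main__":
    sw = PortSecurity(pinned_mac=SERVER_MAC, pinned_port=1)
    for t, port, action in replay(EVENTS, sw):
        print(f"t={t:>5}s port={port} -> {action}")
```

The model checks the Ethernet source address only, so an ARP reply that carries a false IP-to-MAC mapping but is sent from the sender's own MAC passes this check. Managed switches that offer ARP inspection validate the ARP payload as well.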