[K12OSN] Tuning LTSP Performance
Rob Owens
rowens at ptd.net
Sat Aug 30 20:44:38 UTC 2008
On Fri, Aug 29, 2008 at 11:41:42PM -0400, Terrell Prude' Jr. wrote:
> Robert Arkiletian wrote:
> >2008/8/29 Terrell Prude' Jr. <microman at cmosnetworks.com>:
> >
> >>2.) If you're running LTSP of any sort, it's assumed that you're running,
> >>at a minimum, a switched 10/100 environment (if not, then you really
> >>should
> >>be!). Unless A.) it's a managed switch capable of port mirroring, and B.)
> >>you control said switch, you can sniff *your* traffic, but not other
> >>peoples. To keep the Les Mikesells of the world happy, I'll point out
> >>that
> >>yes, you could sniff the server if it's physically accessible. But in
> >>God's
> >>name, I hope you have it secured physically so's to (largely) prevent
> >>that!
> >>
> >
> >Please enlighten me Terrell. I don't understand how having access to
> >the server is a vulnerability in terms of sniffing packets. One must
> >have root access to be able to use a program like tcpdump or wireshark
> >to capture packets. So if they don't have root how can they sniff?
> >
>
> Easy. Say you're a "curious" kid. :-) Just insert your own switch
> (yes, they're available on eBay) in between the server and its network
> drop. On your switch, mirror the port to your laptop (laptop HD's are
> pretty big nowadays). Boom, you've done it, and no, it ain't that hard
> to do. I do this sort of thing regularly at work as part of my network
> engineer duties when troubleshooting certain problems.
>
Or even easier (well, at least cheaper) is to throw a hub in between the server and the main switch. A hub mirrors all ports -- at least that's how I understand it. Anyway, I've tried it and it works.
-Rob
More information about the K12OSN
mailing list