Re: [K12OSN] Tuning LTSP Performance

Les Mikesell wrote:
Terrell Prude' Jr. wrote:
Cool, that's a good idea. But in any case, even without managed
switches, if everyone all of a sudden loses their X sessions what's the
point of sniffing?

Sniffing's a different discussion. ARP spoofing's more of a man-in-the-middle and/or denial-of-service attack.

There are variations where you spoof a MAC address to the switch so it sends you some packets intended for a different port, but TCP retries will soon send another copy that keeps the original destination from noticing that anything is wrong.

True. That's what I meant about degrading the X11 connection earlier, due to the TCP retries. It is effectively a "somewhat nicer" DoS attack. You'll probably notice it more if you're playing something like TuxType.

Port security on the switch can help deal with this issue if it becomes a problem operationally. Personally, that's what I like to do when Layer 8 lets me do it--physically secure the LTSP server, and do port security on the switch ports to help mitigate this sort of thing.
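
A simplified model of the switch behaviour discussed in this thread, added here as an example and not part of the original posts: it shows how a plain learning switch re-points a MAC address to whichever port last sourced it, and how a per-port MAC limit (port security) rejects and records that frame instead. The `Switch` class, the limit of one MAC per port, and the MAC addresses and port numbers are constructed for illustration and do not correspond to any vendor's implementation.

```python
from dataclasses import dataclass, field

SERVER, CLIENT, OTHER = "00:00:5e:00:53:01", "00:00:5e:00:53:02", "00:00:5e:00:53:03"

# Constructed sample traffic: (ingress port, source MAC).
# The last frame arrives on port 3 but claims the LTSP server's MAC.
FRAMES = [(1, SERVER), (2, CLIENT), (3, OTHER), (3, SERVER)]

@dataclass
class Switch:
    port_security: bool = False
    max_macs: int = 1                               # assumed per-port limit
    cam: dict = field(default_factory=dict)         # MAC -> port
    violations: list = field(default_factory=list)  # (port, MAC) rejected

    def frame_in(self, port, src_mac):
        """Learn src_mac on port. Return True if the frame is accepted."""
        owner = self.cam.get(src_mac)
        if owner == port:
            return True                             # already learned here
        if self.port_security:
            learned = sum(1 for p in self.cam.values() if p == port)
            # Violation: MAC is secured on another port, or port is full.
            if owner is not None or learned >= self.max_macs:
                self.violations.append((port, src_mac))
                return False
        self.cam[src_mac] = port                    # plain learning: last writer wins
        return True

    def egress_port(self, dst_mac):
        """Port a unicast frame for dst_mac would be forwarded to."""
        return self.cam.get(dst_mac)

def run(port_security):
    """Replay FRAMES; return (port the server's traffic goes to, violations)."""
    sw = Switch(port_security=port_security)
    for port, mac in FRAMES:
        sw.frame_in(port, mac)
    return sw.egress_port(SERVER), sw.violations

if __name__ == "__main__":
    for enabled in (False, True):
        port, violations = run(enabled)
        print(f"port_security={enabled}: server traffic -> port {port}, "
              f"violations={violations}")
```

The violation list is the operationally useful part: on a real switch the equivalent log or trap identifies the physical port where the conflicting MAC showed up.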


