[Asterisk-Dev] VoIP Call Sniffer
Tilghman Lesher
tilghman at mail.jeffandtilghman.com
Sat Jan 8 20:08:00 MST 2005
On Saturday 08 January 2005 20:02, Edwin Groothuis wrote:
> On Sat, Jan 08, 2005 at 03:14:10PM -0500, Alexander Lopez wrote:
> > So if I use switches does that offer any basic easedroping
> > protection.
>
> On that piece of LAN yes.
Not really, no. All you need to do is to flood the switch with more
MAC addresses than can be stored in its internal table (2048 addresses
for most low-end switches, possibly 65536 addresses on high-end
switches) and the switch will automatically switch over to acting like
a hub. Note that because the MAC address space is 48-bit, you would
need to have approximately 54 Terabytes to store a table of all MAC
addresses with their corresponding IP addresses (which would be needed
to defeat this attack).
--
Tilghman
More information about the asterisk-dev
mailing list