[Asterisk-Dev] VoIP Call Sniffer

Rich Adamson radamson at routers.com
Sat Jan 8 20:27:09 MST 2005


> > > So if I use switches does that offer any basic easedroping
> > > protection.
> >
> > On that piece of LAN yes.
> 
> Not really, no.  All you need to do is to flood the switch with more
> MAC addresses than can be stored in its internal table (2048 addresses
> for most low-end switches, possibly 65536 addresses on high-end
> switches) and the switch will automatically switch over to acting like
> a hub.  Note that because the MAC address space is 48-bit, you would
> need to have approximately 54 Terabytes to store a table of all MAC
> addresses with their corresponding IP addresses (which would be needed
> to defeat this attack).

The original response to the poster was...
yes, switches do provide one simple layer of security, but one should
consider multiple layers including userid/passwords, encryption, etc.
Another responder decided to snip that part, and then suggest switches
don't offer any security. So this thread has gotten way off the
original topic.

Rich





More information about the asterisk-dev mailing list