Re: [Fed-Talk] Apple - Remote Desktop 3
Re: [Fed-Talk] Apple - Remote Desktop 3
- Subject: Re: [Fed-Talk] Apple - Remote Desktop 3
- From: Rex Sanders <email@hidden>
- Date: Tue, 11 Apr 2006 11:04:30 -0700
Tim Miller wrote:
>Michael Pike wrote:
>
>> they are all on the same switch with me, so it never leaves the
>> switch... should I still?
>
>I'd still recommend it. There have been switch vulnerabilities, and if
>it's a VLAN capable switch, the traffic could be going over trunk ports
>you're not aware of.
Good recommendation. Repeat after me - switches are not security devices,
switches are not security devices, switches ...
There are several hacker tools available for sniffing or redirecting switch
traffic, and many of the attacks are generic, i.e. any switch manufacturer
can be attacked through basic protocol weaknesses.
Some switches will lock Ethernet addresses to ports. Even those are
vulnerable to certain attacks.
Our goal is to encrypt all username/password traffic. We're almost there.
Now if we could just convince headquarters(*).
-- Rex
(*) I don't want my payroll and personnel info hacked.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden