Originally posted by: spidey07
Originally posted by: EyeMWing
I was wondering if you were referring to the spanning tree part of 802.1D or not. Yeah, those little fvckers are dangerous weapons on networks with non-spanning switches. I actually saw it demonstrated in a network security class. "Your end users are going to cause problems, your predecessors and colleagues are going to cause a bunch of their own, but your REAL problems come from someone that knows the standards as well, or better than you do, and has $5, access to two ethernet ports and a reason to take down the entire damned network."
The easy solution to that attack, though, is to use exclusively switches of your own which support spanning tree - that way, the only disruption someone can cause is within an unauthorized extension of the network.
I can take down most networks with a hub or a switch in my hands. Not trying to brag. But if the access layer isn't using the proper security measures (most), you can bring the entire broadcast domain down very easily, if not the layer3 routing (processor flooded with broadcasts).
As to inlinefive's request - think about this...
You have a layer2 loop that spanning-tree cannot stop; it happens and it's easy to cause this. I won't go into details on how to make this happen. Each and every frame is received on one port and forwarded out the other (switches are bridges). After a few minutes of normal activity that broadcast domain is full of nothing but layer2 broadcasts - pegging even the most hardened switches without the employment of broadcast suppression.
It is a layer2 loop, and it happens. Thankfully there are features to prevent this. But suffice it to say, it is easy to do.
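The mechanism spidey07 describes above (frames flooded out every other port, no hop count at layer 2, ordinary broadcasts accumulating until the domain is saturated) can be shown with a small simulation. This is an added example, not code from the thread or from any switch vendor: it assumes a two-switch topology joined by two unblocked links (a loop STP is not breaking), one host per switch, one legitimate ARP broadcast per tick, and it models "broadcast suppression" as a simplified per-port, per-tick acceptance threshold rather than any real storm-control implementation. The ARP frames are constructed labels, not captured traffic.

```python
"""Toy simulation of a layer-2 loop turning ordinary ARP broadcasts into a
broadcast storm, with and without per-port broadcast suppression.
Constructed example; the topology and traffic are assumptions, not a capture."""

from collections import defaultdict


class Bridge:
    """A transparent bridge that floods broadcasts out every port except the ingress port.
    Ethernet frames carry no hop count, so a looped copy never expires on its own."""

    def __init__(self, name, ports, storm_limit=None):
        self.name = name
        self.ports = list(ports)
        # storm_limit: broadcasts accepted per ingress port per tick (None = no suppression).
        # This is a deliberately simplified stand-in for a rate-based storm-control threshold.
        self.storm_limit = storm_limit
        self.dropped = 0
        self._rx_this_tick = defaultdict(int)

    def new_tick(self):
        self._rx_this_tick.clear()

    def receive(self, in_port, frame):
        """Return the (out_port, frame) copies this bridge forwards, or [] if suppressed."""
        if self.storm_limit is not None and self._rx_this_tick[in_port] >= self.storm_limit:
            self.dropped += 1
            return []
        self._rx_this_tick[in_port] += 1
        return [(out, frame) for out in self.ports if out != in_port]


def simulate(ticks, storm_limit=None):
    """Two bridges A and B joined by two unblocked links (a loop STP is not breaking),
    one host on each. The host on A sends one legitimate ARP broadcast per tick."""
    a = Bridge("A", ["host", "link1", "link2"], storm_limit)
    b = Bridge("B", ["host", "link1", "link2"], storm_limit)
    # Which (bridge, port) a frame reaches when sent out a given link port.
    peer = {(a, "link1"): (b, "link1"), (a, "link2"): (b, "link2"),
            (b, "link1"): (a, "link1"), (b, "link2"): (a, "link2")}

    in_flight = []      # frames on the inter-switch links, delivered next tick
    host_frames = 0     # broadcasts delivered to the two host ports in total
    for t in range(ticks):
        a.new_tick()
        b.new_tick()
        # Everything on the wire from last tick, plus this tick's one real ARP request.
        deliveries = in_flight + [(a, "host", f"arp-{t}")]   # constructed frame label
        in_flight = []
        for bridge, port, frame in deliveries:
            for out, copy in bridge.receive(port, frame):
                if out == "host":
                    host_frames += 1
                else:
                    dst_bridge, dst_port = peer[(bridge, out)]
                    in_flight.append((dst_bridge, dst_port, copy))
    return {
        "legit_broadcasts": ticks,
        "host_frames": host_frames,
        "loop_frames": len(in_flight),   # copies still circulating when we stop
        "dropped": a.dropped + b.dropped,
    }


if __name__ == "__main__":
    for limit in (None, 1):
        print(f"storm_limit={limit}: {simulate(60, limit)}")
```

With no suppression, every broadcast injected becomes two copies that circulate indefinitely (one per direction around the loop), so after 60 legitimate broadcasts there are 120 frames on the links and the two host ports have received 3540 broadcasts between them instead of 60. Turning on the per-port threshold caps what circulates and starts discarding the excess, but the loop itself is still there: the hosts keep seeing several copies of every broadcast until the loop is removed, which is why suppression limits the damage rather than fixing the fault.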