From: Erin Carroll (amoeba@amoebazone.com)
Date: Tue Oct 17 2006 - 16:16:03 EDT
All,
I've let the last few posts on this subject today go through (you'll be
seeing them hit your inbox shortly) but unless this steers back toward a
pen-test focused discussion I'll reject further posts. The topic is
interesting and has covered a lot of routing concepts and aspects but this
is a pen-testing list and not Cisco support :)
Thanks,
-- Erin Carroll Moderator SecurityFocus pen-test list "Do Not Taunt Happy-Fun Ball" > -----Original Message----- > From: listbounce@securityfocus.com > [mailto:listbounce@securityfocus.com] On Behalf Of Jon Hart > Sent: Monday, October 16, 2006 2:54 PM > To: Buz Dale > Cc: Krugger; pen-test@securityfocus.com > Subject: Re: unswitched behavior of a switched network... > > On Mon, Oct 16, 2006 at 03:55:43PM -0400, Buz Dale wrote: > > I can think if a couple of possibilities. 1) This is > > broadcast/multicast traffic. 2) The mac addresses are unknown to the > > switch (So it will flood to find them.) 3) The port could be a trunk > > or a mirror of a trunk. > > I am also seeing normal broadcast/multicast traffic, but that is to be > expected. #3 is not the case here. > > As for #2, thats kinda where I was going with my original question -- > why would a switch that is processing a session between two endpoints > suddently forget the MAC? Yes, there are timeouts in play here, but > aren't those along the lines of several minutes? > > Thanks, > > -jon > > ----------------------------------------------------------------------- > - > This List Sponsored by: Cenzic > > Need to secure your web apps? > Cenzic Hailstorm finds vulnerabilities fast. > Click the link to buy it, try it or download Hailstorm for FREE. > http://www.cenzic.com/products_services/download_hailstorm.php?camp=701 > 600000008bOW > ----------------------------------------------------------------------- > - ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:13 EDT