[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Tuning LTSP Performance



Robert Arkiletian wrote:
2008/8/29 Terrell Prude' Jr. <microman cmosnetworks com>:
2.)  If you're running LTSP of any sort, it's assumed that you're running,
at a minimum, a switched 10/100 environment (if not, then you really should
be!).  Unless A.) it's a managed switch capable of port mirroring, and B.)
you control said switch, you can sniff *your* traffic, but not other
peoples.  To keep the Les Mikesells of the world happy, I'll point out that
yes, you could sniff the server if it's physically accessible.  But in God's
name, I hope you have it secured physically so's to (largely) prevent that!

Please enlighten me Terrell. I don't understand how having access to
the server is a vulnerability in terms of sniffing packets. One must
have root access to be able to use a program like tcpdump or wireshark
to capture packets. So if they don't have root how can they sniff?

Easy. Say you're a "curious" kid. :-) Just insert your own switch (yes, they're available on eBay) in between the server and its network drop. On your switch, mirror the port to your laptop (laptop HD's are pretty big nowadays). Boom, you've done it, and no, it ain't that hard to do. I do this sort of thing regularly at work as part of my network engineer duties when troubleshooting certain problems.

However, if the server's physically secured, then very likely its network drop is also physically secured, if it's a standard building. Thus, it becomes, obviously, much more difficult to insert any gear in between the LTSP server and its network drop.

--TP


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]