[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Tuning LTSP Performance



Terrell Prude' Jr. wrote:
Rob Owens wrote:
On Fri, Aug 29, 2008 at 11:41:42PM -0400, Terrell Prude' Jr. wrote:
Robert Arkiletian wrote:
2008/8/29 Terrell Prude' Jr. <microman cmosnetworks com>:
2.) If you're running LTSP of any sort, it's assumed that you're running, at a minimum, a switched 10/100 environment (if not, then you really should be!). Unless A.) it's a managed switch capable of port mirroring, and B.)
you control said switch, you can sniff *your* traffic, but not other
peoples. To keep the Les Mikesells of the world happy, I'll point out that yes, you could sniff the server if it's physically accessible. But in God's name, I hope you have it secured physically so's to (largely) prevent that!
Please enlighten me Terrell. I don't understand how having access to
the server is a vulnerability in terms of sniffing packets. One must
have root access to be able to use a program like tcpdump or wireshark
to capture packets. So if they don't have root how can they sniff?
Easy. Say you're a "curious" kid. :-) Just insert your own switch (yes, they're available on eBay) in between the server and its network drop. On your switch, mirror the port to your laptop (laptop HD's are pretty big nowadays). Boom, you've done it, and no, it ain't that hard to do. I do this sort of thing regularly at work as part of my network engineer duties when troubleshooting certain problems.


Or even easier (well, at least cheaper) is to throw a hub in between the server and the main switch. A hub mirrors all ports -- at least that's how I understand it. Anyway, I've tried it and it works.

-Rob


Yep, that'll certainly do it, too. The problem with that approach is that it'd be much more noticeable from a performance standpoint. Collisions will slow down LTSP to a crawl, and further, you'll slow the server's NIC down to 100Mbps (Gig-E switches don't exist--fortunately). Therefore, naturally, someone'll investigate sooner than if you used a managed 10/100/1000 switch to do the same thing.

--TP

'Scuze me...I meant "Gig-E *HUBS* don't exist--fortunately."  Geez....

--TP


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]