on 1/23/02 11:00 AM, Steven Fisher at [EMAIL PROTECTED] wrote: > on 1/23/02 8:43 AM, Jim Warthman at [EMAIL PROTECTED] > wrote: > >> While this might work, it does have some issues. In particular, this >> configuration places everything on your LAN (especially other computers >> connected directly to the switch) "directly" on the Internet, accessible to >> hackers. > > I have this feeling this discussion is chasing it's tail. :) > > I don't believe the quoted statement is true, because this is a switch not a > hub. Things downlink of a switch aren't visible unless the switch is > configured to permit it to be seen.
This really depends on if the switch also has routing functions. Your comment about configuration implies you are thinking of a router, not a pure switch. For some gross generalities: A hub will present all traffic on all ports. A switch will present only traffic destined to a machine attached directly or indirectly to a port only on that port, not all ports on the switch, but will not restrict what can go to the port. Therefore, a switch will not block an IP port scan. A router will present traffic to a port only if it is destined to a machine attached directly or indirectly to a port and it meets other criteria, such as having certain IP addresses and IP port numbers. Thus a router normally will block most of a port scan in default configurations. -- Eric Hildum -- To unsubscribe: <mailto:[EMAIL PROTECTED]> archives: <http://www.mail-archive.com/entourage-talk%40lists.letterrip.com/> old-archive: <http://www.mail-archive.com/entourage-talk%40lists.boingo.com/>
