
RE: [Xen-users] traffic sniff problem

  • To: "Thomas Ronner" <thomas@xxxxxxxxxx>, <Xen-users@xxxxxxxxxxxxxxxxxxx>
  • From: "Jonathan Tripathy" <jonnyt@xxxxxxxxxxx>
  • Date: Fri, 18 Jun 2010 14:07:56 +0100
  • Cc:
  • Delivery-date: Fri, 18 Jun 2010 06:15:16 -0700
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
  • Thread-index: AcsO5xIwfQUPsVDlSDyRzgzZPvHeKwAADLM8
  • Thread-topic: [Xen-users] traffic sniff problem


From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx on behalf of Thomas Ronner
Sent: Fri 18/06/2010 14:02
To: xen-users
Subject: Re: [Xen-users] traffic sniff problem

On 18 Jun 2010, at 14:51, Jingyun He wrote:

> Hello,
> I have a Xen node, it has a few VPSes, it uses bridge network mode, and
> we noticed that if one VPS is restarted or a new VPS is started, the
> bridge will send all traffic to all interfaces for a few seconds,
> and I did run a sniff program in one VPS, it successfully retrieved some
> passwords from this traffic.
> Any solution?

The above situation also occurs with physical switches. When the 
topology changes or someone floods the switch with lots of MAC 
addresses it temporarily runs in hub-mode forwarding everything. A 
switch is a device for enhancing performance, not security.

The only solution is not to send passwords in clear text (which is a 
good idea in any case).



Can you not use arptables to prevent the above happening?
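
The flooding behaviour described in this thread, as an added example that is not part of the original messages: a simplified learning-bridge model in Python (not the Linux bridge code) showing that once the forwarding table is flushed, unicast frames are delivered to an unrelated port until the destination is re-learned. The port names, MAC addresses and the `topology_change` flush are constructed assumptions.

```python
# Simplified learning-bridge model, constructed for illustration.
# It is not the Linux bridge implementation; it only models learn/forward/flood.

GW = "02:00:00:00:00:01"   # constructed MAC of the gateway behind eth0
VM1 = "02:00:00:00:00:11"  # constructed MAC of the guest behind vif1


class LearningBridge:
    def __init__(self, ports):
        self.ports = set(ports)
        self.fdb = {}  # forwarding database: source MAC -> port it was seen on

    def forward(self, in_port, src, dst):
        """Learn the source, then return the set of egress ports for the frame."""
        self.fdb[src] = in_port
        out = self.fdb.get(dst)
        if out is None:
            # Unknown destination: flood to every port except the ingress port.
            return self.ports - {in_port}
        return set() if out == in_port else {out}

    def topology_change(self):
        """Assumed model of a port being added or removed: learned entries are dropped."""
        self.fdb.clear()


def run_scenario(observer="vif3"):
    """Return (frames seen by observer in steady state, per-frame visibility after flush)."""
    br = LearningBridge(["eth0", "vif1", "vif2", "vif3"])
    exchange = [("vif1", VM1, GW), ("eth0", GW, VM1)]

    for frame in exchange:          # warm-up: both MACs get learned
        br.forward(*frame)
    steady = sum(observer in br.forward(*f) for f in exchange)

    br.topology_change()            # e.g. another guest's interface joins the bridge
    after = [("vif1", VM1, GW), ("vif1", VM1, GW),
             ("eth0", GW, VM1), ("vif1", VM1, GW)]
    visible = [observer in br.forward(*f) for f in after]
    return steady, visible


if __name__ == "__main__":
    steady, visible = run_scenario()
    print("frames seen by vif3 in steady state:", steady)
    print("frames seen by vif3 after flush:", visible)
```

In this model the exposure window closes as soon as the destination transmits again, which is why the payload itself has to be protected rather than relying on the bridge to keep frames private.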
