
RE: [Xen-users] traffic sniff problem


  • To: "Thomas Ronner" <thomas@xxxxxxxxxx>, <Xen-users@xxxxxxxxxxxxxxxxxxx>
  • From: "Jonathan Tripathy" <jonnyt@xxxxxxxxxxx>
  • Date: Fri, 18 Jun 2010 14:07:56 +0100
  • Cc:
  • Delivery-date: Fri, 18 Jun 2010 06:15:16 -0700
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
  • Thread-index: AcsO5xIwfQUPsVDlSDyRzgzZPvHeKwAADLM8
  • Thread-topic: [Xen-users] traffic sniff problem


 


From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx on behalf of Thomas Ronner
Sent: Fri 18/06/2010 14:02
To: xen-users
Subject: Re: [Xen-users] traffic sniff problem


On 18 Jun 2010, at 14:51, Jingyun He wrote:

> Hello,
> I have a Xen node, it has a few VPSes, it uses bridge network mode, and
> we noticed that if one VPS is restarted or a new VPS is started, the
> bridge will send all traffic to all interfaces for a few seconds,
> and I did run a sniff program in one VPS, it successfully retrieved some
> passwords from this traffic.
>
> Any solution?


The above situation also occurs with physical switches. When the 
topology changes or someone floods the switch with lots of MAC 
addresses, it temporarily runs in hub mode, forwarding everything. A 
switch is a device for enhancing performance, not security.

The only solution is not to send passwords in clear text (which is a 
good idea in any case).


Thomas.

_______________________________________________

Can you not use arptables to prevent the above happening?

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
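
Added illustration, not part of any post in this thread: a toy learning bridge showing the flooding behaviour described in Thomas Ronner's reply. It assumes a topology change empties the learned MAC table; the port names and MAC addresses are constructed, and the class does not model the Linux bridge or Xen specifically.

```python
"""Toy learning bridge: constructed port names and MACs, not Xen or Linux bridge code."""


class LearningBridge:
    def __init__(self, ports):
        self.ports = set(ports)
        self.fdb = {}                      # learned MAC -> port

    def flush(self):
        # Assumption: a topology change empties the learned table.
        self.fdb.clear()

    def forward(self, in_port, src, dst):
        """Learn the source, then return the ports the frame is copied to."""
        self.fdb[src] = in_port
        out = self.fdb.get(dst)
        if out is None:                    # unknown destination: flood
            return self.ports - {in_port}
        return set() if out == in_port else {out}


# Constructed addresses: uplink gateway and two guests.
GW, VM1, VM2 = "02:00:00:00:00:01", "02:00:00:00:00:11", "02:00:00:00:00:12"


def run_scenario():
    br = LearningBridge(["eth0", "vif1.0", "vif2.0"])
    seen = {}
    # Steady state: every host has transmitted, so every MAC is learned.
    br.forward("eth0", GW, "ff:ff:ff:ff:ff:ff")
    br.forward("vif1.0", VM1, GW)
    br.forward("vif2.0", VM2, GW)
    seen["steady"] = br.forward("eth0", GW, VM1)
    # A guest restarts and the table is emptied (assumed behaviour).
    br.flush()
    seen["after_flush"] = br.forward("eth0", GW, VM1)
    # VM1 transmits once; its entry is relearned and flooding stops.
    br.forward("vif1.0", VM1, GW)
    seen["relearned"] = br.forward("eth0", GW, VM1)
    return seen


if __name__ == "__main__":
    for phase, ports in run_scenario().items():
        print(f"{phase:12} GW->VM1 delivered to {sorted(ports)}")
```

In the `after_flush` phase the frame addressed to VM1 is also copied to `vif2.0`, which is the window in which a sniffer in another guest sees traffic that is not its own.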

 

