Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Managed switches outside firewalls?

from [Lars Braeuer] Network Security [Permanent Link]
Subject: Re: Managed switches outside firewalls?
Date: Wed, 30 May 2007 19:07:26 +0200 
We ran into a problem with switches of a certain vendor when activating SSH. As 
we are still testing
the issue, I don't want to name the vendor. As it seems, opening the SSH port 
to the world, is not
good with this device. The switch locked up every one to two weeks when the 
management port was open.

At the moment we are trying to find out if it's really SSH or anything else, 
like ICMP messages that
caused the problem. We are now also tracking traffic on the management 
interface, in order to see if
the packetrate rises, before the switch locks up.

With Cisco switches we never had a problem opening up ssh in the DMZ.

Best,

Lars


Hari Sekhon wrote:

Hi,

  I need to get some new switches outside of my firewalls, which means
that they will have publicly accessible IPs if they are manageable
switches.

I'm not quite sure what security stance to take on this. I know I can
restrict the management interface to  certain IPs,  but I'm still not
sure if this is asking for trouble to have switches will accessible IPs.
Perhaps I should use a dumb switch and forgo any management features...

Do any of you guys have policies for this (like unmanaged switches
outside firewalls and managed ones inside)?

Any thoughts and suggestions welcome.

-h
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Attacking a machine on network., Mark Brunner
Next by Date:  Re: Attacking a machine on network., Ryan Chow
Previous by Thread:  RE: Managed switches outside firewalls?, Kenneth Klinzman
Next by Thread:  Re: Managed switches outside firewalls?, Nathaniel Hall
Indexes:  [Date] [Thread] [Top] [All Lists]