NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Switch vs Hubs and VLANS



Hi,

they are right. Any computer connected to a HUB can with a packetsniffer see _every packet_ that is transmitted on the network. If you use a switch this cannot be done for all network traffic, broadcasts however will be transmitted to every computer on the same layer2 network.

And you can use VLANS if you have a VLAN switch, but beware to _NOT_ set the management interface of the VLAN Swich to either 'Internet' or 'DMZ'. The switch could be hacked and with access to your switch the hacker can "move" a dmz server to the external 'Internet'.

best regards

        //Claes Jansson

At 09:32 2002-01-28 +0000, you wrote:

I have a pair of Nokia IP440 setup with VRRP running FW1 V4.1

I have been told that using a switch instead of a hub is more secure, can someone please confirm if this is so.

Also If I use a switch, can I use VLANS, so I can setup half the switch for my DMz and half for the outside Interfaces.

Regards
________________________________________________________________________
Clovis Alexander McDougle
New Technologies Manager, Computer Services
Tel: +44 (0) 1303 236750, E-mail: [email protected]

Portex Limited, Hythe, Kent CT21 6JL, UK
Incorporated in England under No:362847
Registered office: 765 Finchley Road, London NW11 8DS, UK

This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient please notify us immediately by telephoning and asking for me. You should not copy it or use it for any purpose and not disclose it to anyone else. This E-mail is not intended to constitute a commitment or an offer to enter into a contract by Portex Limited or affiliated company.
================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.