On Fri, 13 Sep 2002 08:06:25 PDT, Joe Touch said:
Hosts with root can't snoop anything but broadcast UDP on switches
unless the switch is configurable; many switches aren't.
Unfortunately, this isn't actually true - unless you've nailed down the
switch with a hardwired MAC-address-per-port configuration, you can get it
to cough up other people's data. The canonical "brute force" method is to
simply flood the poor switch's ARP cache and sniff the traffic while it's
learning. Snooping around the various repositories of such tools would
find more subtle ways of doing it....
Computer Systems Senior Engineer
Description: PGP signature