LAN and Ethernet switches are usually considered as plumbing. They are easy to install and configure, but it is easy to forget about security when things appear to be simple.

Multiple vulnerabilities exist in Ethernet switches. Attack tools to exploit them started to appear a couple of years ago (for example, the well-known dsniff package). By using those attack tools, a hacker can defeat the security myth of a switch, which incorrectly states that sniffing and packet interception are impossible with a switch. Indeed, with dsniff, cain, and other user-friendly tools on a Microsoft Windows or Linux system, a hacker can easily divert any traffic to his own PC to break the confidentiality or the integrity of this traffic.

Most vulnerabilities ...

Get LAN Switch Security: What Hackers Know About Your Switches now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.