[NOISE] Geek Apartments and Etherpunks

Bill Stewart stewarts at ix.netcom.com
Fri Aug 16 04:11:41 PDT 1996


At 04:55 AM 8/14/96 -0400, Rabid Wombat <wombat at mcfeely.bsfs.org> wrote:

>Most manufacturers offer SNMP-manageable hubs, but these don't offer 
>MAC-layer security. That usually costs a lot extra. The MAC-layer feature 
>is not widely used.

AT&T was about the first vendor with that feature.
Aside from solving a _lot_ of potential security problems,
it was very convenient for finding out what device really
_was_ connected to what hub port - the hub recorded the most recent
MAC address received on each port, and you could compare that to
ARP tables and untangle lots of problems.  Not as fancy as a Sniffer,
but let you do things that a Sniffer on ThinWire couldn't.

(Of course, since it wasn't NSA-rated, the fact that it actually did
solve security problems didn't give us extra slack on government jobs
that needed it. )

A multi-port bridge gives you similar security capability,
but generally costs more because it needs buffering and
much more intelligence; the AT&T SmartHub was a lot simpler and
(in its day) cheaper.  It was about twice the cost of a regular hub,
half the excess from cool features and half because it was from AT&T :-)
It was less reliable than the regular hub, because it needed a fan
to handle the extra heat from the processor board, and 
was also more awkward to mount.  And the SNMP implementation was
rather buggy, though it did have a convenient PC SNMP manager
that knew how to use SNMP-over-MAC and the special features of the hub.
Cool device.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!







More information about the cypherpunks-legacy mailing list