"Paul D. Robertson" wrote: > Right, but in the case of a "filled up the CAM table" > type attack...
Hey, no argument from me. I just thought I'd attempt to clear up some potential confusion :) > I wonder if the default stuff that most bridged products pass > is just ARP and IP traffic, or if there are more interesting > "through the bridge" things possible. Interesting. Of course, if one assumes "properly built and properly configured", I guess it doesn't apply, but it does raise the question of an only-moderately-clued admin forgetting about these issues and if the firewall can end up passing VLAN tagged packets (or cisco/3com proprietary VLAN stuff -- argh) to switches and stuff on the inside that were never really configured to deal with it on the assumption that "they're protected". Again: interesting. -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 �RNSK�LDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com "Senex semper diu dormit" _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
