Hp switch - enable promiscuous interface but prevent possibile attack

Phoenix5650

10/16/22, 8:41 AM

i'm facing a strange request my client have done to me and i would like some help. He ask me to put a probe in promiscuous mode in my ced between my network and the mpls than connect us and them for sniffing voip packet and analyze registration on rtp channel.

In my opinion this is a security issue, beacuse once it capture the source packet of my network and there are ton of possibility of attack like spooffing, ARP poisoning ect ect

i have an hp switch Switch HPE OfficeConnect 1950 so i thought of enable promiscuous mode on the interface but enable also somethink like ip/mac binding:

ip source-binding vlan interface

Is this enough for you?

Thank for the advice.

0 + 1

networking

switch

promiscuous

Zac67

10/19/22, 1:28 PM

You need a firewall in between networks, letting only defined traffic pass. Anything MAC-based can be easily spoofed and is useless.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Hp switch - enable promiscuous interface but prevent possibile attack

TH: สวิตช์ Hp - เปิดใช้งานอินเทอร์เฟซที่หลากหลาย แต่ป้องกันการโจมตีที่อาจเกิดขึ้น

RO: Hp switch - activați interfața promiscuă, dar preveniți posibilele atacuri

RU: Переключатель Hp - включить неразборчивый интерфейс, но предотвратить возможную атаку

VI: Chuyển đổi Hp - kích hoạt giao diện bừa bãi nhưng ngăn chặn cuộc tấn công có thể xảy ra

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.