Hey guys, I have a question. What would be the point of using a hub instead of a router or a switch on a network (either home or business) from a security standpoint? I would think a hub would be easier to hack, with it using broadcasting to see who is connected (with a router doing it based off of IP and switch based off of MAC address). So any ideas? I've been asked this and I cannot find the answer.
Thanks for the help

HUBs and Switches basically serve the same purpose. Most new "HUBs" are actually switches and from a home user point of view there isn't any difference other than the way that they allocate the bandwidth (switches are better at it).
Routers are used to share an internet/network connection. If you connect your switch to your internet connection you will expose your computers to the wide open internet. If you put a router there it acts as a firewall and helps protect your computers from being accessed from the outside world because it hides your computers.
If you are talking about things in a business environment you can get into some crazy things with routers and switches.
Your best choice is to use a router if you are sharing an internet connection.

I would think a hub would be easier to hack, with it using broadcasting to see who is connected (with a router doing it based off of IP and switch based off of MAC address).
First off, SOHO routers are switches with NAT, a firewall and DHCP added onto them. They're not "real" routers in the true sense of the word. Regardless, a router doesn't route traffic based on IP address.
You can't "hack" a hub. You can however hack equipment attached to it.
You could hack a switch I guess providing it's an enterprise level managed switch. But what would be the point? They don't really provide any services or contain any data you'd have any use for. Generally speaking, hackers go after PCs or servers attached to switches.
Hubs broadcast to all ports. Switches don't. That's their basic difference, switches intelligently transfer data. Usually based on MAC tables. Returning data is sent to the port of origin, and no other. This alleviates broadcast storms and collisions. None of the above really has anything to do with security, only network performance.
I suppose if you're a hacker a hub would make it a lot easier to find out what's all attached to it, but, you'd have to be connected to it or at least one of the machines plugged into it. Either way, a switch or hub, if you're connected to it (or one of the machines plugged into it) you could use a packet sniffer and would still find out what's all attached to it and could then proceed to attempt to hack one or all of them.
Just a thing to consider. If you have a firewall, that will prevent external sources getting into your network and hacking you. Of course, a firewall won't prevent you from an internal hacker.

OK, to help put this into perspective, I am not doing this for setting up a home network, I am good with all that. I was asked this on a job interview. I mean, so why would someone use a hub instead of a router or switch? I would think the other two would be more effective. Is it price? And is there any reason security oriented? Thanks

Well to be honest, I've rarely seen a hub in use in a long long time. In fact, the last time I saw one was close to 10 years ago.
I don't know why anybody would. I suspect if they are, it's a case of them having had that unit in place and see no need to change it. Not that that makes a whole lot of sense, but in a smaller environment, a hub wouldn't be that big a deal. Whereas, a hub in a large (and busy) environment could cause excess collisions/resends.
To be completely honest, that particular question just plain old makes no sense. There's no "security" benefit to using a hub, or really, a switch. As I stated above, there is a big benefit to using a switch in a large (and busy) environment over a hub, but that has nothing to do with security and everything to do with network performance.
I've had some stupid questions asked of me in interviews. Generally speaking, it's because whoever's doing the questioning doesn't know very much themselves, or they're using questions they downloaded from the web....which often has the same result (ie: a stupid question that makes no sense).
In fact, I got one job because one of the 3 interviewers asked a stupid question like yours and I pointed out that the question didn't make sense in the context it was asked. (The question was asked by the HR rep, not the IT guy). The IT person in the interview broke out laughing. He told me later that I was the only person interviewed who noticed that the question didn't make sense and was therefore unanswerable. He didn't correct the HR rep at the outset (ie: the first interview) because it was as good a way as any to see if the person being interviewed knew what they were talking about.

Slight exception to the curt R post. With managed switches (Cisco 24 port bad boys) you can lock down the ports. So say you have 10 computers connected, you can tell it to read all the MAC addresses that are present and store them. Then if someone tries to attach a new comp, the switch will flag up someone tried to break in and kill that port. Even if you move the cables around the ports it will lock the ports down. Also the data from one PC to another only goes from PC A to B and no other PCs on the switch will be able to packet sniff.
But he is right, the question is a bit off. Switches and hubs do roughly the same job (extend the network). One is the brute force method and spews crap all over the place and the other is more subtle.
As for routers, they join 2 networks so they're a different beast completely.
Rule of thumb is stay away from hubs. Switches are as cheap and do a better job. Unless you want to take down a network, then forget viruses, use a cheap 4 port hub. Can grind the network to a halt in seconds, waste endless hours in fault finding and will age your network team by about a year through stress.
all text needs typos. There there for the reader to find,to distract them from the total lack of content.
google it! wasnt the answer to the question i asked so dont be dense and give me that repl
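
The forwarding behaviour discussed in the posts above (a hub repeating frames to every port, a switch forwarding by MAC table, and a managed switch locking a port to the first MAC it sees), as an added example that is not part of the original thread. The class names, MAC addresses and the one-MAC-per-port shutdown policy are assumptions made for this toy model:

```python
# Toy model (added example): which ports receive a frame on a hub vs. a switch.
# MAC addresses, port numbers and class names are constructed for illustration.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Hub:
    def __init__(self, ports):
        self.ports = range(ports)

    def forward(self, in_port, src, dst):
        # A hub repeats every frame out of every other port.
        return [p for p in self.ports if p != in_port]

class Switch:
    def __init__(self, ports, port_security=False):
        self.ports = range(ports)
        self.mac_table = {}     # learned MAC -> port
        self.sticky = {}        # port -> first MAC seen there (port security)
        self.disabled = set()   # ports shut down after a violation
        self.port_security = port_security

    def forward(self, in_port, src, dst):
        if in_port in self.disabled:
            return []
        if self.port_security and self.sticky.setdefault(in_port, src) != src:
            # Assumed policy: an unexpected source MAC shuts the port down.
            self.disabled.add(in_port)
            self.mac_table = {m: p for m, p in self.mac_table.items() if p != in_port}
            return []
        self.mac_table[src] = in_port
        out = self.mac_table.get(dst)
        if out is None:
            # Broadcast or not-yet-learned destination: flooded to all active ports.
            return [p for p in self.ports if p != in_port and p not in self.disabled]
        return [] if out == in_port else [out]

def sniffer_sees(device, frames, sniffer_port):
    """Frames that are delivered to the port a packet sniffer is plugged into."""
    return [f for f in frames if sniffer_port in device.forward(*f)]

A, B, ROGUE = "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02", "de:ad:be:ef:00:99"
# (in_port, src, dst): A on port 0 and B on port 1 talk; the sniffer is on port 2.
TRAFFIC = [(0, A, BROADCAST), (1, B, A), (0, A, B), (1, B, A)]

if __name__ == "__main__":
    print("hub:   ", len(sniffer_sees(Hub(4), TRAFFIC, 2)), "of", len(TRAFFIC))
    print("switch:", len(sniffer_sees(Switch(4), TRAFFIC, 2)), "of", len(TRAFFIC))
```

On the switch, the sniffer port still receives the initial broadcast, because broadcasts and frames for unlearned destinations are flooded; only the learned unicast conversation stays between the two ports involved.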

Slight exception to the curt R post. With managed switches (Cisco 24 port bad boys) you can lock down the ports. So say you have 10 computers connected, you can tell it to read all the MAC addresses that are present and store them. Then if someone tries to attach a new comp, the switch will flag up someone tried to break in and kill that port.
I'm in the middle of getting rid of our old 24 port Cisco garbage in favor of high density 1000 Mbps capable Nortel Baystack 5510/5520's. What you're saying basically applies to any/all managed enterprise level switches. But, in order to "break into" a managed switch, you would have to know the password, or be able to guess it. This would of course require you being connected to it first.
As a rule of thumb (security wise) in our environment, all unused ports are shut off. So just plugging into any available port in our environment would be of no use, the port is disabled. Even if you unplugged someone else's PC and used that port, you would then have to know what subnet we're using in that particular port. We have many instances where even a single switch is carrying multiple VLANs which would make guessing the correct subnet hard. And then too, you'd have to guess an IP that's not in use.
Of course, all it would take is logging into the aforementioned PC and opening a command prompt and typing "ipconfig" to see that PC's IP address in order to use its IP after unplugging it, but that would require the ability to login, which a stranger (ie: not an employee) wouldn't have. We stress security in our environment and people where I work rarely forget to lock workstations when they walk away from them, so a stranger would have trouble there too.
Even if you accomplish all the above (a working port, a free IP in the correct subnet and actually logging into the domain), you're still stuck trying to get into the management interface of the switch. Good luck with that since I'm the guy that puts the passwords in them and I'm anal about security and have minimum, 16 character complex passwords. That and all switches/routers and network appliances in our environment are on a separate (management) subnet and again, you'd have to know the IP of the switch to telnet into it (or http). Without familiarity with our network setup, you could spend a long long time trying to guess the IP of a switch (or switches).
To be honest, you'd have to be an employee, or ex employee with fairly intimate knowledge of our VLANs, switches and which subnets are in which areas to even begin to try to break into our switches. As far as breaking into a switch goes, should a network technician (there are two of us) quit on bad terms, the first thing I would do is change the passwords immediately so as to prevent something like that from happening.
They don't pay me big bucks cause I'm pretty. I'm not. They pay me because I'm darn good at what I do and as I said above, I'm anal about security.
As for attempts from inside (ie: an employee) I of course have monitoring in place. Only certain IPs are allowed to telnet/http/snmp into our switches. Should an unallowed IP try, I get an alert which is immediately sent to my cell phone. Within 3 minutes I'd know who, and from where and within another 2 minutes that party would be up to their eyeballs in alligators and on their way out the door. Terminated with extreme prejudice. No severance, no second chances, accounts all disabled and escorted into the arms of waiting police officers so they can be charged with a few nasties that would be expensive as well as likely result in them spending time in jail.
