any advantages from using a HUb?

jeff8874 · Post by **jeff8874** » Sun Feb 16, 2003 5:41 pm

From a security standpoint, is there any advantages to branching your cable connection between 2 computers with a hub, or is it limited to routers only? I am aware what hubs do and what they don't do, and also what routers do as well. I was just wondering if any security advantage can come from using one at all, besides spliting a internet connection or creating a home network.

Post by **YeOldeStonecat** » Mon Feb 17, 2003 6:14 am

Hubs are simply dumb repeaters used to connect computers on a LAN. Nothing to do with security. Similar to a switch, except switches work differently..perform better than a hub...but again, only used to connect a LAN...nothing to do with security. Neither are used to split or share an internet connection.

Routers, specifically home market routers like you're probably talking about....are used to connect networks. The home market routers do with with a method known as NAT...network address translation. This "hides" all the computers on the inside of the router from the outside...giving you a basic hardware firewall protection.

cyberskye · Post by **cyberskye** » Mon Feb 17, 2003 12:11 pm

Hubs are simply dumb repeaters used to connect computers on a LAN. Nothing to do with security.

In a home setup I would agree with the security implications. In a business environment, a switched network is very important as it prevents someone from walking in with a laptop and sniffing your network.

...which brings me to the one (in my opinion) advantage to a hub in a home setup - you can plug a spare machine in running snort (or even tcpdump) and easily capture all network traffic. Makes IDS stuff a little easier - especially when all you have are non-managed switches.

Skye

Post by **YeOldeStonecat** » Mon Feb 17, 2003 12:24 pm

True...I was looking at it as if he was comparing a router, to a hub/switch...in "which one protected his network better" from the "outside...public side."...as in firewall.

Plus when I see cable, I automatically assume home because no cable ISP's sell to businesses at all around my area.

cyberskye · Post by **cyberskye** » Mon Feb 17, 2003 9:08 pm

I love it when we're both right

greEd · Post by **greEd** » Fri Feb 21, 2003 9:24 am

In a business environment, a switched network is very important as it prevents someone from walking in with a laptop and sniffing your network.

I would agree, but if the person walking up to your switch knows the first thing about mitm attacks, and understands all aspects of layer 2, 3 and 4 switching ... you got problems and you might as well plug into a hub.

jeff8874 · Post by **jeff8874** » Sat Feb 22, 2003 8:19 pm

I knew the difference between a router with NAT, and a hub or switch. I was just curious to know if there was ANY benefit at all, or is it stricly just a splitter like I am using it for? If anything, it is a security disadvantage, because I am networking 3 pc's with file and print sharing. Until I figure out how I am going to secure my little network, I think I will disable file and print shares

Either way, I see there is no security advantage

thanks for the input

Bouncer · Post by **Bouncer** » Sat Mar 01, 2003 1:39 am

A hub is a multiport repeater, and that is all it is.

As to sniffing a switch, a dumb switch is no more secure than a hub in that regard, only a VLAN capable or trunk group switch offers anything in the way of security in that sense.

Besides, anyone who is going to sniff your network is going to bring along an anlyzer to boot and ping sweep your networks.

I would reccommend you bind file and print sharing strictly to Netbeui and unbind it from TCP/IP. Netbeui is a non-routable protocol, so the packets won't go out the router WAN interface.

Regards,
-Bouncer-

jeff8874 · Post by **jeff8874** » Sat Mar 01, 2003 10:58 am

Yes, since I posted that last message, I have learned how to secure file and print sharing with the Netbeui protocol versus TCP/ip

Thanks for the input

jeff8874 · Post by **jeff8874** » Sat Mar 01, 2003 11:00 am

Originally posted by Bouncer
A hub is a multiport repeater, and that is all it is.

Besides, anyone who is going to sniff your network is going to bring along an anlyzer to boot and ping sweep your networks.

Regards,
-Bouncer-

What data or information can be obtained by doing this?

Bouncer · Post by **Bouncer** » Sat Mar 01, 2003 1:22 pm

Where a sniffer is going to tell you what the packets on your ethernet contain, an Analyzer has the ability to go into the connected machine (and depending on it's security) tell you an amazing amount of detail about it, what software is installed, processes that may be running, user names, who's logged on and what their username is etc etc.

Regards,
-Bouncer-

jeff8874 · Post by **jeff8874** » Sat Mar 01, 2003 1:31 pm

Would they have access to files??? I'm just curious what is the worst that can be retrieved ?

Bouncer · Post by **Bouncer** » Mon Mar 03, 2003 12:39 pm

An ethernet sniffer has the ability to pick out text so passwords or other clear text info can be observed. An alyzer will tell you what shares are available, and if there's no password on them...

Regards,
-Bouncer-