If I plugged a hub inbetween a switch and firewall, that also had a device running wireshark or similar capture software connected, due to the way a hub operates, would I be able to read ALL of the traffic between the switch and firewall, E.g. All inbound and outbound packets?
Asked
Active
Viewed 162 times
0
-
This is a pure networking question and not a security question. You're asking how a hub works. – schroeder Aug 20 '19 at 19:46
-
Just because its use will be used in the context of security does not make the question about security. It's not pedantic. It's understanding the context of the stack of dependencies. – schroeder Aug 22 '19 at 10:35
1 Answers
2
In theory, yes. I did this for over a year some time back. Be prepared for the possibility of this hurting your overall throughput, especially if you've got a lot of traffic and are approaching the maximum of your firewall's interface.
Another caution, at a conference where a team was going to demonstrate this using a Linksys hub, they discovered Linksys was branding some of their switches as hubs. This was > 5 years ago but I wanted to warn you to avoid potential frustration.
ERM
- 36
- 1