Re: OT - Layer 2 Switch

Why not configure an L3 ACL and 'permit IP any any log' on the L2 switch
and apply it inbound and outbound on the FW (if possible, all) interfaces
of the switch?

On Tue, Jul 16, 2013 at 8:50 AM, Alexei Monastyrnyi <alexeim73_at_gmail.com>wrote:

> I have a hub, want me to send you one? :-)
> on a serious note, I think you can get it for $10 from eBay...
>
> With no configuration changes restriction this may be your only option.
>
> You may try to find soem obscure L2 debugging that would reveal some L3
> info from a packet, but nothing comes to mind.
>
> Cheers
> A.
>
> On 7/16/2013 4:35 PM, Nadeem Anjum wrote:
> > Dear All,
> >
> > Hubs are not easily available on market now a days. Can a switch or
> > some ports of a switch behave like a Hub.
> >
> >
> > Thanks,
> > Nadeem Anjum
> >> ________________________________
> >> From: Joseph L. Brunner
> > <joe_at_affirmedsystems.com>
> >> To: CCIEDAVITO CCIEDAVITO <cciedavito_at_gmail.com>;
> > Eduardo Vazquez <evazquez_at_gmail.com>
> >> Cc: gaston brait <gbrait_at_hotmail.com>;
> > "ccielab_at_groupstudy.com" <ccielab_at_groupstudy.com>
> >> Sent: Tuesday, July 16,
> > 2013 3:06 AM
> >> Subject: RE: OT - Layer 2 Switch
> >>
> >>
> >> Plug in a hub and run
> > capture on linux without giving out your mac address.
> >> Even better - connect
> > one station to that hub, your sniffer to that hub and silently snoop on
> these
> > guys...
> >>
> >>
> >> -----Original Message-----
> >> From: nobody_at_groupstudy.com
> > [mailto:nobody_at_groupstudy.com] On Behalf Of CCIEDAVITO CCIEDAVITO
> >> Sent:
> > Monday, July 15, 2013 4:26 PM
> >> To: Eduardo Vazquez
> >> Cc: gaston brait;
> > ccielab_at_groupstudy.com
> >> Subject: Re: OT - Layer 2 Switch
> >>
> >> Why don't you tell
> > us what you have access to? And physical or remote reach ability.
> >> On
> > Monday, July 15, 2013, Eduardo Vazquez wrote:
> >>> put a host on the same
> > subnet and use nmap to ping all of them. show
> >>> the arp table on that host.
> >>>
> >>>
> >>> On Mon, Jul 15, 2013 at 1:50 PM, gaston brait
> >> <gbrait_at_hotmail.com<javascript:;>>
> >>> wrote:
> >>>
> >>>> I have been searching
> > for a while and haven't found any answer.
> >>>> I have several hosts connected
> > to the switch and they all belong to
> >>>> the same vlan.I don't know the ip
> > address of these hosts, but have
> >>>> the mac addressess.
> >>>> The default
> > gateway for the switch is a FW which I don4t have access
> >>>> to Is there
> > anyway to get the ip address of these hosts?
> >>>> show ip arp won't help
> >>>>
> > Regards,
> >>>> Gaston
> >>>>
> >>>>
> >>>> Blogs and organic groups at
> > http://www.ccie.net
> >>>>
> > ____________________________________________________________________
> >>>> ___
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >>>
> >>> Blogs and organic groups
> > at http://www.ccie.net
> >>>
> > ______________________________________________________________________
> >>> _
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >>
> >> Blogs and organic groups at
> > http://www.ccie.net
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
> >>
> >>
> >> Blogs and organic groups at
> > http://www.ccie.net
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
CCIEx2 (R&S|Sec) #19963
Blogs and organic groups at http://www.ccie.net