Hi everyone, I have basic networking knowledge, but this is stepping out of my knowledge base.
Am happy to educate myself through the wonders of YouTube - I just need to know if it's possible and what the terminology would be.
I have a server plugged into a managed switch (say eth:1). The server serves multiple clients on the same switch. I have ONE client plugged into another ethernet port (say eth:15) on the same switch. Is it possible to force eth:15 (the client) to only accept rx/tx data to/from eth:1 and block all access from all the other ports at a switch hardware level?
Essentially, I have some legacy hardware that only accepts pure TCP data using http: and not https: and it has ZERO authentication.
Obviously this is a real easy target for a 12 year old with a packet sniffer, so I want to mitigate as much as I can. I don't actually care if the packets themselves get sniffed as the data in the packets is not important, but by isolating one port (eth1 to eth15) at the switch hardware level it would appear like a hard cabled connection (server to client). I DON'T want to use MAC addresses of the server/client as a 14 year old would know how to spoof the MAC address of the server. Using this idea would also mitigate a MiM attack.
As I said, I'm happy to educate myself. I just don't know what I need to be researching.