Security Basics mailing list archives
RE: VALN hopping
From: "Scott Fuhriman" <fuhrimans () llix net>
Date: Fri, 30 Sep 2005 12:16:49 -0700
VLAN hopping can be trivial as stated, but so can any attack if poor configuration and administration is involved. If you make the appropriate configurations to secure your devices the risk of VLAN hopping can be mitigated (of coarse, other factors such as the manufacturer and features available to secure against Layer2 attacks can put you back into the trivial attack mode). Although you could create a DMZ type environment using VLANs it wouldn't be a best practice and the other more accepted methods would be considered more secure due to less risk of poor configuration. SSF -----Original Message----- From: Payton, Zack [mailto:Zack.Payton () MWAA com] Sent: Thursday, September 29, 2005 9:20 AM To: josh () tstc edu; security-basics () securityfocus com Subject: RE: VALN hopping By the way... See scapy.py or yersinia to get an idea of how trivial VLAN hopping attacks can be. Z -----Original Message----- From: josh () tstc edu [mailto:josh () tstc edu] Sent: Wednesday, September 28, 2005 12:59 PM To: security-basics () securityfocus com Subject: VALN hopping WWe are having a heated discussion about using VLAN's as a type of DMZ, so I am asking the experts. I prsonally like to see physical isolation; however, our network person doesn't feel there is a threat of VLAN hopping. Please let me know your opinions. Thank you,
Current thread:
- VALN hopping josh (Sep 28)
- RE: VALN hopping David Gillett (Sep 30)
- Re: VALN hopping Kenton Smith (Sep 30)
- <Possible follow-ups>
- RE: VALN hopping Hayes, Ian (Sep 30)
- Re: VALN hopping David Barroso (Sep 30)
- Re: VALN hopping Micheal Espinola Jr (Sep 30)
- RE: VALN hopping Payton, Zack (Sep 30)
- RE: VALN hopping Payton, Zack (Sep 30)
- RE: VALN hopping Scott Fuhriman (Sep 30)
- Re: VALN hopping nidude (Sep 30)