Penetration Testing mailing list archives
Re: [PEN-TEST] Spoofing switched networks
From: Sam Quigley <squigley () FIDERUS COM>
Date: Tue, 6 Feb 2001 20:30:16 -0500
Because they can, sometimes, be made to fail open. Then, everything is on one big LAN, and standard switch sniffing methods can reveal all the network traffic. -sq On Tue, Feb 06, 2001 at 05:48:45PM +0100, Lindqvist, Johan wrote:
Hi.Actually, sniffing isnt' that heard either. There are several ways to do it such as making the switch you are a trunk port and you need all the traffic. In order words, don't put a switch and VLANs in place and expect that to be your security because they can be defeated.As for switching, I'm fully aware that it's not a security mechanism that cannot be defeated easily. However that VLANs have no security impact is news to me. Since VLANS are defined on physical switch port basis, how could they be used to receive or send traffic on other VLANs? /Johan -- Johan Lindqvist Security Specialist DRIFTBOLAGET AB, MÖLNDALSVÄGEN 81, 412 63 GÖTEBORG, SWEDEN PHONE: +46 8-23 92 00 FAX: +46 709-73 46 70 DIRECT: +46 31-760 43 07 MOBILE: +46 709-73 87 07 johan.lindqvist () driftbolaget com http://www.driftbolaget.com
-- ___________________________________________________________________________ Sam Quigley office: 917-320-6529|mobile: 917-826-9612|pager: 877-433-3452 <squigley () fiderus com> <8774333452 () skytel com> GPG Fingerprint: 0107 E044 A610 1686 94F4 A147 1C5E 33A3 C470 95E1 Fiderus Strategic Security & Privacy. 1-866-FIDERUS Emergency Hotline: 1-877-595-8491
Attachment:
_bin
Description:
Current thread:
- [PEN-TEST] Spoofing switched networks Salyars, Marty (Feb 04)
- Re: [PEN-TEST] Spoofing switched networks Robert van der Meulen (Feb 04)
- Re: [PEN-TEST] Spoofing switched networks Brian Hartsfield (Feb 05)
- Re: [PEN-TEST] Spoofing switched networks Dave Ryan (Feb 05)
- <Possible follow-ups>
- Re: [PEN-TEST] Spoofing switched networks Chris St. Clair (Feb 04)
- Re: [PEN-TEST] Spoofing switched networks Lindqvist, Johan (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Sam Quigley (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Simon Waters (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Nathan Catlow (Feb 07)
- Re: [PEN-TEST] Spoofing switched networks shawn . moyer (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Sam Quigley (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Robert van der Meulen (Feb 04)
- Re: [PEN-TEST] Spoofing switched networks Eduardo_Campos (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Shoten (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Jason Brvenik (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Ryan Russell (Feb 06)