Penetration Testing mailing list archives

RE: Re: Anonymous access to Voice VLAN using CDP

From: "Jacek Materna" <jmaterna () voipshield com>
Date: Tue, 25 Jul 2006 18:04:04 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Yes,

It is not public, sorry. You can reference some Yersinia and related papers about manipulating VLANs.


Jacek M.
www.voipshield.com


- -----Original Message-----
From: jpecou () gmail com [mailto:jpecou () gmail com] 
Sent: Monday, July 24, 2006 8:28 PM
To: pen-test () securityfocus com
Subject: Re: Re: Anonymous access to Voice VLAN using CDP

It doesnt seem feasible to have completely seperate networks in my opinion. The idea is to implement in a cost 
effective manner and with as little work as possible. I find it odd that data can be trunked through the phone from the 
pc but in turn the ideal solution is to keep them completely seperate. I guess I can understand your point but like I 
said this is not the way our VoIP solution has been implemented. My question was "does anyone know of any source code 
out there that allows you to spoof a CDP packet to allow a machine access to a voice VLAN.?"

- ------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
- ------------------------------------------------------------------------------



-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)

iQEVAwUBRMaVVOHyymhaX5d+AQppFgf9Eqqa7fIt4otnYx/FBZj4pZgzxmJJtdnD
3MSUYsByhxAmIoRq8P+PR52M8fTy8+n4WllsUyeqWczGeRI6byfGfARFP6M8fWSI
aHVM9IKEupKhmpKErpcYyuJADckt06rUuwK1U/58Rh1kod1JJW/1x8llCrtyoFoh
tfu139oeG9NEZlxDW62uj2aTsNiPRutyjF/5abbG66kixFK3AQIPu/r1FSaKrVfi
3C5CToLj+qb3WRuYPGTb8QDHIivFug0nNXJ5Y+TEEQ9hsOdWzE+fTtDJvLOsElnd
A4393jfop6Uc08FYRjo8kJxct7aBn4VzkPzpdT6JcI9wjK/C0rlICg==
=YNzd
-----END PGP SIGNATURE-----

Current thread:

Anonymous access to Voice VLAN using CDP jpecou (Jul 21)
- Re: Anonymous access to Voice VLAN using CDP Paul Robertson (Jul 21)
- RE: Anonymous access to Voice VLAN using CDP Wence Van der Meersch (Jul 25)
- <Possible follow-ups>
- Re: Re: Anonymous access to Voice VLAN using CDP jpecou (Jul 24)
  - Re: Re: Anonymous access to Voice VLAN using CDP Mario Platt (Jul 25)
- RE: Re: Anonymous access to Voice VLAN using CDP Jacek Materna (Jul 25)
- Re: RE: Re: Anonymous access to Voice VLAN using CDP lists (Jul 27)