Re: Emulate Switch for L2 Network Security Testing

["Abuse 007" <abuse007 () gmail com>]

Hi Phil,

Thanks for the help. I was aware of Dynamips/Dynagen/GNS3. Sorry for
not making that clear. As others have also mentioned it either the
real Cisco hardware or emulation of Cisco hardware to run their
software. There does not appear to be publicly available third party
implementations.

I was asking because while researching VLAN Hopping attacks I found
descriptions of the attacker negotiating a trunk via DTP.

Thanks.

On Wed, Aug 13, 2008 at 1:49 PM, Phillip Ames <pentest () una-cerveza com> wrote:
> Hi,
> You may be able to use Dynamips/Dynagen to accomplish what you need. You can
> create virtual switches that have ports assigned to different VLANs,
> however, if I recall correctly you can't telnet to those switches and manage
> them the way you can manage a "real" network switch.  You can only do that
> for L3 devices that you provide an IOS image for.
>
> Dynamips also provides a good method for capturing packets on the simulated
> devices interfaces for later analysis.
>
> HTH,
> -Phil
>
> Abuse 007 wrote:
> > I found a white paper http://www.vmware.com/pdf/esx3_vlan_wp.pdf that
> > discusses virtual switches and VLANs in VMWare ESX. The FAQ at the end
> > states that ESX does not support DTP...
> >
> > Do any linux distros support DTP?
> >
> > Thanks.
> >
> > On Wed, Aug 13, 2008 at 11:40 AM, Abuse 007 <abuse007 () gmail com> wrote:
> > > Thank you JB, I was unaware that ESXi was free now. Can ESXi do DTP
> > > and VLANs or is it emulated LANs?
> > >
> > > On Wed, Aug 13, 2008 at 5:14 AM, JB <pentest () jitonline net> wrote:
> > > > Why not use VMWare ESX 3i? It is now free, and it will allow you to do
> > > > virtual vlans
> > > >
> > > > JB
> > > >
> > > >
> > > > > Hi All,
> > > > >
> > > > > I am setting up a lab in VMWare and I am looking for ways to emulate a
> > > > > switch with 802.1q VLANs for L2 network security testing. I would like
> > > > > to be able to signal trunking via DTP and test double-tagged frames
> > > > > (QinQ) to jump VLANs, etc. I prefer open source / free solutions.
> > > > >
> > > > > Cheers.
> > > > >
> > > > >
> > > > > ------------------------------------------------------------------------
> > > > > This list is sponsored by: Cenzic
> > > > >
> > > > > Top 5 Common Mistakes in
> > > > > Securing Web Applications
> > > > > Get 45 Min Video and PPT Slides
> > > > >
> > > > > www.cenzic.com/landing/securityfocus/hackinar
> > > > >
> > > > > ------------------------------------------------------------------------
> > > >
> > > >
> > > > ------------------------------------------------------------------------
> > > > This list is sponsored by: Cenzic
> > > >
> > > > Top 5 Common Mistakes in
> > > > Securing Web Applications
> > > > Get 45 Min Video and PPT Slides
> > > >
> > > > www.cenzic.com/landing/securityfocus/hackinar
> > > > ------------------------------------------------------------------------
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: Cenzic
> >
> > Top 5 Common Mistakes in Securing Web Applications
> > Get 45 Min Video and PPT Slides
> >
> > www.cenzic.com/landing/securityfocus/hackinar
> > ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Top 5 Common Mistakes in Securing Web Applications
> Get 45 Min Video and PPT Slides
>
> www.cenzic.com/landing/securityfocus/hackinar
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------