Penetration Testing mailing list archives

Re: Emulate Switch for L2 Network Security Testing


From: "Christophe Vandeplas" <christophe () vandeplas com>
Date: Wed, 13 Aug 2008 09:08:48 +0200

Hello,

From what I know you can indeed create virtual switches in dyna* using
the default features of dyna*. But these are quite limited to VLANs
and trunks. No other advanced switch-configurations are possible.

If you want to have a virtual-configurable switch the only way
currently is to load up an IOS firmware image of a "router" and create
a switch-module in a router. This switch-module will be configurable
with the features of this switch-module. (I understood things like
port-security are not possible in these switch-modules)

It is unfortunately not yet possible (afaik) to emulate a complete
switch by using a switch-firmware.

Dyna* indeed rocks for quickly creating lab environments with almost
no real hardware.

Christophe


On Wed, Aug 13, 2008 at 5:49 AM, Phillip Ames <pentest () una-cerveza com> wrote:

Hi,
You may be able to use Dynamips/Dynagen to accomplish what you need. You can create virtual switches that have ports 
assigned to different VLANs, however, if I recall correctly you can't telnet to those switches and manage them the 
way you can manage a "real" network switch.  You can only do that for L3 devices that you provide an IOS image for.

Dynamips also provides a good method for capturing packets on the simulated devices' interfaces for later analysis.

HTH,
-Phil

Abuse 007 wrote:

I found a white paper http://www.vmware.com/pdf/esx3_vlan_wp.pdf that
discusses virtual switches and VLANs in VMWare ESX. The FAQ at the end
states that ESX does not support DTP...

Do any Linux distros support DTP?

Thanks.

On Wed, Aug 13, 2008 at 11:40 AM, Abuse 007 <abuse007 () gmail com> wrote:

Thank you JB, I was unaware that ESXi was free now. Can ESXi do DTP
and VLANs or is it emulated LANs?

On Wed, Aug 13, 2008 at 5:14 AM, JB <pentest () jitonline net> wrote:

Why not use VMWare ESX 3i? It is now free, and it will allow you to do
virtual VLANs.

JB


Hi All,

I am setting up a lab in VMWare and I am looking for ways to emulate a
switch with 802.1q VLANs for L2 network security testing. I would like
to be able to signal trunking via DTP and test double-tagged frames
(QinQ) to jump VLANs, etc. I prefer open source / free solutions.

Cheers.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------



