RE: VALN hopping

["Craig Wright" <cwright () bdosyd com au>]

Possible - that may or can be, exist.

Probable - likely to occur or prove true.

There exists a possibility that a moon sized asteroid will hit the earth
in the next 100 years.

The probability of a moon sized asteroid hitting the earth in the next
1000 years is near to zero.

Risk is about assessing both the threat with the level of associated
impact and the likelihood of occurrence.

Threat  - VLAN hopping is not a big threat/impact internal to the
network on open areas.
                - VLAN hopping is a critical threat over DMZ or public
links with extreme impacts

Impact  - internal - likely to be low - there are other ways to attack
if inside the network
                - external - very high - this allows attacks to bypass
the firewalls etc - thus has a high impact

Likelihood      - Internal - low to medium at best (though easy it is
not a likely attack)
                - external - medium to high - it all depends on the site

I have quite happily demonstrated VLAN hopping. It is generally easy if
you know how the network is configured - and do not think that this
makes it safe.

Craig

-----Original Message-----
From: Micheal Espinola Jr [mailto:michealespinola () gmail com] 
Sent: 2 October 2005 5:43
To: security-basics () securityfocus com
Subject: Re: VALN hopping

As you've seen so far, there are a number of 'possible but not very
likely' replies to your question.  But my question to you (and anyone
else following along) is:  Do you secure your network based on a matter
of probability or possibility?

Personally, I secure my network based on possibility.


On 9/28/05, josh () tstc edu <josh () tstc edu> wrote:
> WWe are having a heated discussion about using VLAN's as a type of 
> DMZ, so I am asking the experts.  I prsonally like to see physical 
> isolation; however, our network person doesn't feel there is a threat 
> of VLAN hopping.  Please let me know your opinions.
>
> Thank you,


--
ME2  <http://www.santeriasys.net/>