Security Basics mailing list archives
Re: VALN hopping
From: Kenton Smith <listsks () yahoo ca>
Date: Thu, 29 Sep 2005 12:01:46 -0400 (EDT)
It's my view that VLAN's were never intended to be used as a security measure, rather they're for traffic isolation. A byproduct of this is that it is more difficult to access the traffic on the "other" network. Unless you're going to have a firewall or IDS/IPS between the two networks it's pretty trivial for someone with much knowlegde to get from one VLAN to another. As another level of a defense in depth strategy a VLAN is great but it shouldn't really be considered a way to secure traffic or hosts. Kenton --- josh () tstc edu wrote:
WWe are having a heated discussion about using VLAN's as a type of DMZ, so I am asking the experts. I prsonally like to see physical isolation; however, our network person doesn't feel there is a threat of VLAN hopping. Please let me know your opinions. Thank you,
__________________________________________________________ Find your next car at http://autos.yahoo.ca
Current thread:
- VALN hopping josh (Sep 28)
- RE: VALN hopping David Gillett (Sep 30)
- Re: VALN hopping Kenton Smith (Sep 30)
- <Possible follow-ups>
- RE: VALN hopping Hayes, Ian (Sep 30)
- Re: VALN hopping David Barroso (Sep 30)
- Re: VALN hopping Micheal Espinola Jr (Sep 30)
- RE: VALN hopping Payton, Zack (Sep 30)
- RE: VALN hopping Payton, Zack (Sep 30)
- RE: VALN hopping Scott Fuhriman (Sep 30)
- Re: VALN hopping nidude (Sep 30)