PaulDotCom mailing list archives
Re: [GPWN-list] layer 2 testing lab
From: Robin Wood <robin () digininja org>
Date: Mon, 21 Oct 2013 13:58:55 +0100
On 21 October 2013 13:34, Christopher Rowe <crowe0323 () gmail com> wrote:
Robin et al., I am curious about the experience of those who have tried testing for DTP during an assessment [ whether "authorized" or not :-) ]. Has anyone found this type of attack successful? Putting a switch into strictly access mode is trivial (one command "switchport mode access") and is pretty routine. It's covered in every Cisco configuration guideline/training/book that I've seen, as far as I can recall (though DTP may not be explicitly covered). Of course, that's not to say that many people don't bother with this, especially part-time or informally trained engineers that might be found in smaller shops, which is why I ask about the "real world" experiences.
I'm still learning all this layer 2 stuff so haven't had chance to try it on a real test yet but my experience from testing other areas, when there is a default that works people don't often change it. I regularly find default credentials and configurations on things so wouldn't expect this to be any different. I could be wrong though.
Robin
./cr
On Mon, Oct 21, 2013 at 8:04 AM, Robin Wood <robin () digininja org> wrote:
On 11 September 2013 12:47, Robin Wood <robin () digininja org> wrote:
On 9 September 2013 16:38, Robin Wood <robin () digininja org> wrote:
I've just released part 1 of a series I'm developing on layer 2 attacks: http://www.digininja.org/blog/gns_vbox_basic_lab.php
The lab is built using GNS3 and VirtualBox and starts with VLANs but I've got plans to move on to routing protocols and other things later. Layer 2 is not my thing so if any experts out there want to point out any mistakes or ways to improve things please do, I'm all ears.
And here is part 2, this time adding VLANs to the lab and showing how to move between them. Also an intro to trunk ports vs access ports. http://www.digininja.org/blog/gns_vbox_vlan_lab.php
And the final part on VLANs, abusing Cisco Dynamic Trunking Protocol, DTP: http://www.digininja.org/blog/abusing_dtp.php
This shows how to spot DTP and then how to use it to turn your access mode port into a trunk.
Robin
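A defender's check for the point both posters raise, ports that were never given `switchport mode access`: this is an added example, not part of the thread, that reads an IOS-style running-config and lists interfaces left in default or dynamic mode. The function name and the sample config are constructed for illustration, and it assumes every interface block describes a physical switch port; what the default mode actually is depends on the platform.

```python
import re

# Constructed sample in Cisco IOS running-config style (not taken from the thread).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 10
!
interface FastEthernet0/2
 switchport access vlan 20
!
interface FastEthernet0/3
 switchport mode dynamic desirable
!
interface FastEthernet0/4
 switchport mode trunk
!
interface FastEthernet0/5
 shutdown
!
"""

def audit_switchport_modes(config_text):
    """Map interface name -> finding for ports not pinned to access mode."""
    blocks, current = {}, None
    for line in config_text.splitlines():
        header = re.match(r"interface\s+(\S+)", line)
        if header:
            current = header.group(1)
            blocks[current] = []
        elif current and line.startswith(" "):
            blocks[current].append(line.strip())
        else:
            current = None  # "!" or any global line ends the interface block
    findings = {}
    for name, lines in blocks.items():
        if "shutdown" in lines or "no switchport" in lines:
            continue  # disabled or routed port: no layer 2 mode to check
        modes = [l[len("switchport mode "):] for l in lines
                 if l.startswith("switchport mode ")]
        mode = modes[-1] if modes else None
        if mode is None:
            findings[name] = "default mode: no explicit 'switchport mode' line"
        elif mode.startswith("dynamic"):
            findings[name] = "dynamic mode: trunking is left to negotiation"
        # 'access' is the pinned setting; 'trunk' is a deliberate trunk, not flagged
    return findings

if __name__ == "__main__":
    for port, finding in audit_switchport_modes(SAMPLE_CONFIG).items():
        print(f"{port}: {finding}")
```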