PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [GPWN-list] layer 2 testing lab

From: Robin Wood <robin () digininja org>
Date: Mon, 21 Oct 2013 13:58:55 +0100
On 21 October 2013 13:34, Christopher Rowe <crowe0323 () gmail com> wrote:

Robin et al.,

I am curious of the experience of those who have tried testing for DTP
during an assessment [ whether "authorized" or not :-)  ]. Has anyone found
this type of attack successful? Putting a switch into strictly access mode
is trivial (one command "switchport mode access") amd is pretty routine.
It's covered in every Cisco configuration guideline/training/book that I've
seen, as far as I can recall (though DTP may not be expllicty covered) Of
course, that's not to say that many people don't bother with this,
expecially part-time or informally trained engineers that might be found in
smaller shops, which is why I ask the "real world" experiences.




I'm still learning all this layer 2 stuff so haven't had chance to try
it on a real test yet but my experience from testing other areas, when
there is a default that works people don't often change it. I
regularly find default credentials and configurations on things so
wouldn't expect this to be any different. I could be wrong though.

Robin




./cr


On Mon, Oct 21, 2013 at 8:04 AM, Robin Wood <robin () digininja org> wrote:


On 11 September 2013 12:47, Robin Wood <robin () digininja org> wrote:


On 9 September 2013 16:38, Robin Wood <robin () digininja org> wrote:


I've just released part 1 of a series I'm developing on layer 2
attacks:

http://www.digininja.org/blog/gns_vbox_basic_lab.php

The lab is built using GNS3 and VirtualBox and starts with VLANs but
I've
got plans to move on to routing protocols and other things later.

Layer 2 is not my thing so if any experts out there want to point out
any
mistakes or ways to improve things please do, I'm all ears.



And here is part 2, this time adding VLANs to the lab and showing how to
move between them. Also an intro to trunk ports vs access ports.

http://www.digininja.org/blog/gns_vbox_vlan_lab.php




And the final part on VLANs, abusing Cisco Dynamic Trunking Protocol, DTP:

http://www.digininja.org/blog/abusing_dtp.php

This shows how to spot DTP and then how to use it to turn your access
mode port into a trunk.

Robin
_______________________________________________
gpwn-list mailing list
gpwn-list () lists sans org
https://lists.sans.org/mailman/listinfo/gpwn-list




_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: