Penetration Testing mailing list archives

Re: [PEN-TEST] Spoofing switched networks

From: Nathan Catlow <nsc () QSF DEMON CO UK>
Date: Wed, 7 Feb 2001 17:49:17 +0000

In my experience the only successful VLAN breaches I have seen have been
through insecure methods of VLAN membership (by IP or by MAC address) or by
getting onto the main backbone and 'joining' VLANS through insecure Gigabit or
ATM ports oh and of course people leaving 'default' management ports bound to
the wrong VLAN (usualy the first VLAN configured) which is always a good one.

I have never seen VLAN breaches by flooding of MAC addresses. This is more
likely to produce a VLAN to lose it's switching capability but not *all* VLANS
to start cross populating traffic.

But hey doesn't mean it's not possible.

regards,

Nathan.
--
nsc () qsf demon co uk |  All opinions   | IT Security Specialist
                    |  are my own     |

*I'd love to give my 0.02 worth - Have you got change for a dollar?*

Current thread:

[PEN-TEST] Spoofing switched networks Salyars, Marty (Feb 04)
- Re: [PEN-TEST] Spoofing switched networks Robert van der Meulen (Feb 04)
  - Re: [PEN-TEST] Spoofing switched networks Brian Hartsfield (Feb 05)
- Re: [PEN-TEST] Spoofing switched networks Dave Ryan (Feb 05)
- <Possible follow-ups>
- Re: [PEN-TEST] Spoofing switched networks Chris St. Clair (Feb 04)
- Re: [PEN-TEST] Spoofing switched networks Lindqvist, Johan (Feb 06)
  - Re: [PEN-TEST] Spoofing switched networks Sam Quigley (Feb 06)
    - Re: [PEN-TEST] Spoofing switched networks Simon Waters (Feb 06)
    - Re: [PEN-TEST] Spoofing switched networks Nathan Catlow (Feb 07)
    - Re: [PEN-TEST] Spoofing switched networks shawn . moyer (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Eduardo_Campos (Feb 06)
  - Re: [PEN-TEST] Spoofing switched networks Shoten (Feb 06)
- Re: [PEN-TEST] Spoofing switched networks Jason Brvenik (Feb 06)
  - Re: [PEN-TEST] Spoofing switched networks Ryan Russell (Feb 06)