Vulnerability Development mailing list archives

Vlans


From: Tim Salus <tsalus () CBOSS COM>
Date: Wed, 17 Jan 2001 09:02:03 -0800

I am not certain if this is the place to ask this and if not please let
me know where to send it.

I have a client who has the following configuration:

Internet -> router -> firewall -> load balancer

The connection from the router to the firewall is on a switch and the
connection from the inside interface of the firewall is on the same
switch. The separation is done using VLANs.

I was taught this is bad due to 802.1q tagging and VLAN hopping using
tagged packets. The problem is I can find very little information on
this to prove my point.

Also, what if there is no 802.1q trunking being done? Is there still a
problem with this?

Is there an exploit to get around the firewall and do server flooding by
jumping VLANs?

No one can get on the firewall segment, so what I need to know is: can
anyone on the internet cause a problem with this type of configuration?

Thanks in advance

Timothy L. Salus

