<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Penetration Testing: Re: [PEN-TEST] Spoofing switched networks

Re: [PEN-TEST] Spoofing switched networks

From: Nathan Catlow <nsc_at_QSF.DEMON.CO.UK>
Date: Wed, 7 Feb 2001 17:49:17 +0000

In my experience the only successful VLAN breaches I have seen have been
through insecure methods of VLAN membership (by IP or by MAC address) or by
getting onto the main backbone and 'joining' VLANS through insecure Gigabit or
ATM ports oh and of course people leaving 'default' management ports bound to
the wrong VLAN (usualy the first VLAN configured) which is always a good one.

I have never seen VLAN breaches by flooding of MAC addresses. This is more
likely to produce a VLAN to lose it's switching capability but not *all* VLANS
to start cross populating traffic.

But hey doesn't mean it's not possible.

regards,

Nathan.

--
nsc_at_qsf.demon.co.uk |  All opinions   | IT Security Specialist
                    |  are my own     |
*I'd love to give my 0.02 worth - Have you got change for a dollar?*

Received on Feb 07 2001

This message: [ Message body ]
Next message: Aurobindo Sundaram (+1 512 918 1390): "[PEN-TEST] Hacking SQL queries ..."
Previous message: Reinder Wiersma: "Re: [PEN-TEST] Expand right under Win2K"
In reply to: Simon Waters: "Re: [PEN-TEST] Spoofing switched networks"
Next in thread: shawn . moyer: "Re: [PEN-TEST] Spoofing switched networks"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos