Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Spoofing switched networks
From: Sam Quigley <squigley () FIDERUS COM>
Date: Tue, 6 Feb 2001 20:30:16 -0500

Because they can, sometimes, be made to fail open.  Then, everything
is on one big LAN, and standard switch sniffing methods can reveal
all the network traffic.


On Tue, Feb 06, 2001 at 05:48:45PM +0100, Lindqvist, Johan wrote:

Actually, sniffing isnt' that heard either.  There are 
several ways to do
it such as making the switch you are a trunk port and you need all the
traffic.  In order words, don't put a switch and VLANs in 
place and expect
that to be your security because they can be defeated.

As for switching, I'm fully aware that it's not a security mechanism that
cannot be defeated easily. However that VLANs have no security impact is
news to me. Since VLANS are defined on physical switch port basis, how could
they be used to receive or send traffic on other VLANs?


Johan Lindqvist
Security Specialist

PHONE: +46 8-23 92 00 FAX: +46 709-73 46 70
DIRECT: +46 31-760 43 07 MOBILE: +46 709-73 87 07 
johan.lindqvist () driftbolaget com http://www.driftbolaget.com 

Sam Quigley   office: 917-320-6529|mobile: 917-826-9612|pager: 877-433-3452
<squigley () fiderus com>                              <8774333452 () skytel com>
GPG Fingerprint:         0107 E044 A610 1686 94F4  A147 1C5E 33A3 C470 95E1  
Fiderus Strategic Security & Privacy.                         1-866-FIDERUS
Emergency Hotline:                                           1-877-595-8491

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]