Re: Testing Hubs and Switches
From: Cedric Blancher (blancher@cartel-securite.fr)
Date: 12/11/02
- Previous message: s c: "Novell NDS"
- In reply to: Julian Young: "Testing Hubs and Switches"
- Next in thread: Valgasu: "Re: Testing Hubs and Switches"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Cedric Blancher <blancher@cartel-securite.fr> To: Julian Young <julian.young@nl.compuware.com> Date: 11 Dec 2002 17:36:39 +0100
Le mer 11/12/2002 à 10:02, Julian Young a écrit :
> Some time back, i guess it was last summer, somebody was asking for
> volunteers to test their hubs and switches for security venerabilities.
> as the time i think he wanted to put together a who's who of switches
> and hubs.
> Does any one recognize this , remember any urls or what happened to the
> project. I was unable to participate at the time but still like to test
> mine if they have not already been tested
Project seem to be stalled :
http://www.alaricsecurity.com/ssp.html
It was an interesting idea, but the only submission is about ARP cache
poisoning, and we all know switches are vulnerable to this, just because
of their design.
> Further is any one knows of any testing tools / techniques i would also
> be very interested
Taranis will be a good start :
http://www.bitland.net/taranis/
Taranis relies on MAC spoofing to redirect network traffic.
You can also have a look at dsniff package :
http://monkey.org/~dugsong/dsniff/
It comes with macof tool that perform CAM table flooding. A switch can
fall into repeater mode for some MAC when CAM table is full.
If you want a complete view of switches attacks, have a look at Sean
Convery presentation at Black Hat USA 2002 you can find here :
http://opensores.thebunker.net/pub/mirrors/blackhat/presentations/bh-usa-02/
You'll find layer 2 attacks such MAC attacks, ARP attacks, protocols
attacks (CDP, DTP, VTP), VLAN hopping and others.
-- Cédric Blancher <blancher@cartel-securite.fr> Consultant en sécurité des systèmes et réseaux - Cartel Sécurité Tél: +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99 PGP KeyID:157E98EE FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
- Next message: Valgasu: "Re: Testing Hubs and Switches"
- Previous message: s c: "Novell NDS"
- In reply to: Julian Young: "Testing Hubs and Switches"
- Next in thread: Valgasu: "Re: Testing Hubs and Switches"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
