Re: HP BL30's and VLAN's

From: jkowall (
Date: 03/04/05

  • Next message: Dan Rogers: "Testing large networks"
    Date: Fri, 04 Mar 2005 12:10:36 -0500
    To: Michael Sierchio <>

    You can arp spoof any switch that is misconfigured. You can gain a span
    port on seperated switches as well, its just 2 spans versus one.

    Having proper IDS and monitoring is the only way to detect and prevent
    this stuff.

    Michael Sierchio wrote:

    > jkowall wrote:
    >> VLANs are just as secure as different switches.
    > I beg to differ. It is possible to gain a spanning port on a
    > VLAN switch, either through the normal mechanism or by overloading
    > the MAC db.
    > Even under normal operation, you won't be getting the same
    > degree of traffic separation.
    > Regards,
    > Michael Sierchio


  • Next message: Dan Rogers: "Testing large networks"