Re: VLAN hopping - demonstration
- From: Ulric Eriksson <ulric@xxxxxxx>
- Date: Wed, 18 Oct 2006 08:57:27 +0200 (CEST)
On Wed, 18 Oct 2006, Ivan . wrote:
check these out
http://www.packetfactory.net/papers/VLAN-hopping/stake_wp.pdf
http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037252.html
http://www.sans.org/resources/idfaq/vlan.php
should get you started
Those documents show that vlan hopping doesn't work on properly configured switches.
On 10/18/06, dubaisans dubai <dubaisans@xxxxxxxxx> wrote:How do you demonstrate VLAN hopping?. I am trying to show this to a customer who has mutliple DMZ segments configured as Layer2 VLANs on a Cisco 6500 switch. There is NO trunk port on this switch but DTP is turned on on all ports.
Is it enough to cascade another L2 switch on an access port [ say VLAN 100] of the 6509, connect a desktop on this second switch and send a packet with different VLAN ID [say VLAN 200] on the 6509.
Am I on the right track?
The right track would IMHO be to teach the customer how to configure his switch.
Ulric
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
- References:
- VLAN hopping - demonstration
- From: dubaisans dubai
- Re: VLAN hopping - demonstration
- From: Ivan .
- VLAN hopping - demonstration
- Prev by Date: SecureDVD - Live Pen-Testing Distro
- Next by Date: Re: unswitched behavior of a switched network...
- Previous by thread: Re: VLAN hopping - demonstration
- Next by thread: Re: VLAN hopping - demonstration
- Index(es):
Relevant Pages
|
|
