RE: VALN hopping
From: Hayes, Ian (Ian.Hayes_at_wynnlasvegas.com)
Date: 09/29/05
- Previous message: Cony Zhou ΦάΚ₯: "RE: Windows Vista current flaws"
- Maybe in reply to: josh_at_tstc.edu: "VALN hopping"
- Next in thread: David Barroso: "Re: VALN hopping"
- Reply: David Barroso: "Re: VALN hopping"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <security-basics@securityfocus.com> Date: Wed, 28 Sep 2005 17:50:37 -0700
Safeguard against traversing VLANs is getting better, but I still don't
like the idea of having mixed security VLANs on the same switch. There
are still a number of exploits that have a chance of working, such as
CAM table flooding. IMHO, good design physically separates the security
zones- you really can't rely that logical constraints are going to
always work, but then I'm a belt-and-suspenders kind of guy when it
comes to network design. I'm expecting something to fail.
Ian Hayes | Senior Systems Engineer
Wynn Las Vegas
3131 South Las Vegas Blvd, Las Vegas, NV 89109
Ph (702) 770-3252 | Cell (702) 266-6002
Ian.hayes@wynnlasvegas.com
> -----Original Message-----
> From: josh@tstc.edu [mailto:josh@tstc.edu]
> Sent: Wednesday, September 28, 2005 9:59 AM
> To: security-basics@securityfocus.com
> Subject: VALN hopping
>
> WWe are having a heated discussion about using VLAN's as a type of
DMZ, so
> I am asking the experts. I prsonally like to see physical isolation;
> however, our network person doesn't feel there is a threat of VLAN
> hopping. Please let me know your opinions.
>
> Thank you,
>
- Previous message: Cony Zhou ΦάΚ₯: "RE: Windows Vista current flaws"
- Maybe in reply to: josh_at_tstc.edu: "VALN hopping"
- Next in thread: David Barroso: "Re: VALN hopping"
- Reply: David Barroso: "Re: VALN hopping"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
