Re: VALN hopping
From: Kenton Smith (listsks_at_yahoo.ca)
Date: 09/29/05
- Previous message: Kenton Smith: "Re: Hard Drive Intergrety Status"
- In reply to: josh_at_tstc.edu: "VALN hopping"
- Next in thread: Payton, Zack: "RE: VALN hopping"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 29 Sep 2005 12:01:46 -0400 (EDT) To: security-basics@securityfocus.com
It's my view that VLAN's were never intended to be
used as a security measure, rather they're for traffic
isolation. A byproduct of this is that it is more
difficult to access the traffic on the "other"
network. Unless you're going to have a firewall or
IDS/IPS between the two networks it's pretty trivial
for someone with much knowlegde to get from one VLAN
to another. As another level of a defense in depth
strategy a VLAN is great but it shouldn't really be
considered a way to secure traffic or hosts.
Kenton
--- josh@tstc.edu wrote:
> WWe are having a heated discussion about using
> VLAN's as a type of DMZ, so
> I am asking the experts. I prsonally like to see
> physical isolation;
> however, our network person doesn't feel there is a
> threat of VLAN
> hopping. Please let me know your opinions.
>
> Thank you,
>
__________________________________________________________
Find your next car at http://autos.yahoo.ca
- Previous message: Kenton Smith: "Re: Hard Drive Intergrety Status"
- In reply to: josh_at_tstc.edu: "VALN hopping"
- Next in thread: Payton, Zack: "RE: VALN hopping"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
