OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Jason Brvenik (jasonBRVENIK.COM)
Date: Tue Feb 06 2001 - 15:04:40 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    [ snip old message ]

    Please forgive me if this has been pointed out. Just subscribed to this
    list today.

    A discussion about this just went on about a month ago on vuln-dev.
    here are the resulting resources.

    http://www.cisco.com/warp/public/cc/so/cuso/epso/sqfr/safe_wp.htm
    http://www.sans.org/infosecFAQ/switch_security.htm

    [might wrap]
    http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Fstart%3D2001-01-21%26list%3D82%26fromthread%3D0%26threads%3D1%26tid%3D157774%26end%3D2001-01-27%26

    [might wrap]

    jason.

    As for switching, I'm fully aware that it's not a security mechanism
    that
    cannot be defeated easily. However that VLANs have no security impact is

    news to me. Since VLANS are defined on physical switch port basis, how
    could
    they be used to receive or send traffic on other VLANs?

    /Johan 

    --
Johan Lindqvist
Security Specialist

    DRIFTBOLAGET AB, MÖLNDALSVÄGEN 81, 412 63 GÖTEBORG, SWEDEN
PHONE: +46 8-23 92 00 FAX: +46 709-73 46 70
DIRECT: +46 31-760 43 07 MOBILE: +46 709-73 87 07
johan.lindqvistdriftbolaget.com http://www.driftbolaget.com