From: Shoten (shotenSTARPOWER.NET)
Date: Tue Feb 06 2001 - 19:28:34 CST


    Ahh, this is a distinction that I had to clarify here just last week. Just
    because a switch is considered "hardware" and looks like a hub does not mean
    that the configuration is hardware-based. To the contrary, it's
    software...software that keeps track of which ports should be speaking with
    which other ports. Getting one VLAN to bleed into another is not quite as
    simple as just getting the switch to fail open and span all ports by
    blasting a bazillion MAC addresses onto the wire, but it is well worth
    remembering that we are talking about software when it really comes down to
    it. Furthermore, if you have a manageable switch, which most of them are,
    you can directly speak with the software there. SNMP, anyone? :)

    ----- Original Message -----
    From: <Eduardo_CamposCREDOMATIC.COM>
    To: <PEN-TESTSECURITYFOCUS.COM>
    Sent: Tuesday, February 06, 2001 3:57 PM
    Subject: Re: [PEN-TEST] Spoofing switched networks

    Right, since VLANs are defined on hardware, how can you convince the switch
    to give you a trunk port?
    That would be the only way to receive and send traffic to other VLANS.
    VLANS were not designed with security in mind. Broadcast domain division in
    fact is the best advantage you achieve with VLANs. Although, making VLANs
    and creating access-lists on the router which enable communications between
    them (if you permit it) can give you a very good way to have more strict
    security.

    From: "Lindqvist, Johan" <johan.lindqvistDRIFTBOLAGET.COM>
    Sent by: Penetration Testers <PEN-TESTSECURITYFOCUS.COM>
    To: PEN-TESTSECURITYFOCUS.COM
    cc:
    Subject: Re: [PEN-TEST] Spoofing switched networks
    Sent: 06-02-01 10:48 AM
    Please respond to Penetration Testers

    Hi.

    > Actually, sniffing isn't that hard either. There are several ways to do
    > it, such as making the switch think you are a trunk port and you need all
    > the traffic. In other words, don't put a switch and VLANs in place and
    > expect that to be your security because they can be defeated.

    As for switching, I'm fully aware that it's not a security mechanism that
    cannot be defeated easily. However, that VLANs have no security impact is
    news to me. Since VLANS are defined on a physical switch port basis, how
    could they be used to receive or send traffic on other VLANs?

    /Johan

    --
    Johan Lindqvist
    Security Specialist
    DRIFTBOLAGET AB, MÖLNDALSVÄGEN 81, 412 63 GÖTEBORG, SWEDEN
    PHONE: +46 8-23 92 00  FAX: +46 709-73 46 70  DIRECT: +46 31-760 43 07  MOBILE: +46 709-73 87 07
    johan.lindqvistdriftbolaget.com  http://www.driftbolaget.com
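Shoten's point that the switch's port-to-MAC mapping is software, and that it can be flooded into failing open, has a direct detection counterpart on the defender's side. The following is an added example, not code from the thread: it parses a constructed MAC-address-table dump (the column layout, port names and threshold are assumptions) and flags any port that has learned far more addresses than a single-host access port should.

```python
"""Flag switch ports whose learned-MAC count looks like CAM-table flooding.

A switch keeps a software table of which MAC addresses sit behind which
port.  When one port suddenly "learns" hundreds of addresses, that table is
being flooded and, once full, the switch may forward unknown-unicast frames
to every port in the VLAN, which is what makes sniffing possible again.
"""
import re
from collections import defaultdict

# Row layout "Vlan  Mac Address  Type  Ports" as printed by many managed
# switches; the exact format is an assumption for this example.
_ROW = re.compile(
    r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+\S+\s+(\S+)\s*$"
)

# Constructed sample table: three ordinary access ports plus Gi0/7, which
# has learned 300 addresses in VLAN 10 (the footprint of a flooded table).
SAMPLE_MAC_TABLE = (
    "Vlan    Mac Address       Type        Ports\n"
    "----    -----------       --------    -----\n"
    "  10    0011.2233.4455    DYNAMIC     Gi0/1\n"
    "  10    0011.2233.4456    DYNAMIC     Gi0/2\n"
    "  20    0011.2233.4457    DYNAMIC     Gi0/3\n"
    + "".join(f"  10    00de.ad00.{i:04x}    DYNAMIC     Gi0/7\n"
              for i in range(300))
)


def parse_mac_table(text):
    """Return (vlan, mac, port) tuples, skipping header and separator lines."""
    rows = []
    for line in text.splitlines():
        m = _ROW.match(line)
        if m:
            rows.append((int(m.group(1)), m.group(2), m.group(3)))
    return rows


def flood_suspects(rows, max_macs_per_port=8):
    """Ports whose distinct-MAC count exceeds the ceiling for an access port.

    Returns {port: (distinct_mac_count, sorted VLANs seen on that port)}.
    The ceiling (8, assumed) leaves room for a phone-plus-PC or small hub.
    """
    macs, vlans = defaultdict(set), defaultdict(set)
    for vlan, mac, port in rows:
        macs[port].add(mac)
        vlans[port].add(vlan)
    return {p: (len(macs[p]), sorted(vlans[p]))
            for p in macs if len(macs[p]) > max_macs_per_port}


if __name__ == "__main__":
    for port, (n, vl) in flood_suspects(parse_mac_table(SAMPLE_MAC_TABLE)).items():
        print(f"{port}: {n} MACs learned in VLANs {vl} - possible CAM flooding")
```

Run it periodically against the real table (polled over SNMP or the CLI) and compare against a per-port baseline rather than a fixed number.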