Re: Better way to do VLAN in Linux

El vie, 27 de 08 de 2004 a las 14:02, Dave Paris escribiÃ:
> Additionally, be sure to check with various online resources (i.e. 
> Bugtraq) regarding the switch's vulnerability to VLAN hopping and apply 
> appropriate methods/patches/etc. available to mitigate this risk.
>
> Remember, VLANs aren't a security "magic bullet".  They help, to be 
> sure, and PVLANs are better, but neither are as good as physically 
> isolating LANs on their own switches.
>
> Kind Regards,
> -dsp

Thanks for the advice. I read in some articles about the dangers of
VLANs, so I was quite involved with the security considerations. What
I didn't know was where Linux could solve some of this dangers or
make them worse. The conclusion I have made it's Linux doesn't make
the situation better or worse, it just can work with a VLAN without
much trouble to configure it.

For the shake of completeness, what it's a PVLAN? I never have heard
about them. I suppose it's a kind of more Physically isolated VLAN,
but I've been googling about it and it's like chinese for me (really,
I write PVLAN in google and it shows a lot of chinese/korean/whatever
pages).



-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÃA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"