Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Layer 3 and Firewall

from [dubaisans dubai] Network Security [Permanent Link]
Subject: Re: Layer 3 and Firewall
Date: Fri, 6 Oct 2006 19:26:20 +0530
2) while a technical solution exists, the best solution to this specific
issue is to address these problems from a personnel perspective 

Could you be more specific on the technical solution- because that is
what I am looking for urgently? I am not worried about VLAN hopping or
any other user-inititated attack ? . I am only worried about the
switch admin playing foul.




On 10/5/06, Paul Melson <pmelson@gmail.com> wrote: 
-----Original Message-----
Subject: Layer 3 and Firewall

> Is it a BAD idea to have multiple logical segments of a Firewall connected
to the same physical switch?

It's not a good standard to adhere to because layer-2 VLANs can be hopped in
some cases by attacking the switch, but the level and type of vulnerability
will vary by implementation.

In fact, Check Point is designed so that you can have multiple virtual
interfaces on a single physical port by using 802.1q VLAN tagging.

> The threat I see is if the network switch administrator wants to bypass
Firewall, he can just disconnect
> the Firewall links and make the VLANs Layer 3 and there is no security.
After malicious activites he can
> very well connect the Firewall and revert back to Layer 2.

This is a separate issue.  If the switch admin is not in sync with the
firewall admin or cannot be trusted, then 1) yes this is a valid threat and
2) while a technical solution exists, the best solution to this specific
issue is to address these problems from a personnel perspective and either
reassign responsibility for those switches or replace the switch admin with
someone who is trustworthy.

> Is that a valid threat ? Is it High risk ? What controls are possible ?
Are multiple physical switches
> required.?

Probably the thing to do would be to research whether or not a workstation
on either VLAN can hop to the other with the current switch configuration.
You're going to want yersinia, Cain, arptools and another Cisco switch (a
2950 is fine for this) and see if you can flood or spoof your way to the
other VLAN.  This is best done during a maintenance window or some time when
it's OK to disrupt the network.

PaulM




------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: WebServices Testing, Jamie Riden
Next by Date:  Re: Re: Frontpage no password privileges escalation?, DokFLeed
Previous by Thread:  RE: Layer 3 and Firewall, Paul Melson
Next by Thread:  Re: Layer 3 and Firewall, DaKahuna
Indexes:  [Date] [Thread] [Top] [All Lists]