Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: VLAN hopping - demonstration

from [Ulric Eriksson] Network Security [Permanent Link]
Subject: Re: VLAN hopping - demonstration
Date: Wed, 18 Oct 2006 08:57:27 +0200 (CEST) 

On Wed, 18 Oct 2006, Ivan . wrote:

check these out

http://www.packetfactory.net/papers/VLAN-hopping/stake_wp.pdf
http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037252.html
http://www.sans.org/resources/idfaq/vlan.php

should get you started

Those documents show that vlan hopping doesn't work on properly configured switches.

On 10/18/06, dubaisans dubai <dubaisans@gmail.com> wrote:
How do you demonstrate VLAN hopping?. I am trying to show this to a customer who has mutliple DMZ segments configured as Layer2 VLANs on a Cisco 6500 switch. There is NO trunk port on this switch but DTP is turned on on all ports.

Is it enough to cascade another L2 switch on an access port [ say VLAN 100] of the 6509, connect a desktop on this second switch and send a packet with different VLAN ID [say VLAN 200] on the 6509.

Am I on the right track?

The right track would IMHO be to teach the customer how to configure his switch.

Ulric

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  SecureDVD - Live Pen-Testing Distro, kratzer . jason
Next by Date:  Re: unswitched behavior of a switched network..., David C. Smith
Previous by Thread:  Re: VLAN hopping - demonstration, Ivan .
Next by Thread:  Re: VLAN hopping - demonstration, David M. Zendzian
Indexes:  [Date] [Thread] [Top] [All Lists]