Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: VoIP Hopper: New test tool

from [jpecou] Network Security [Permanent Link]
Subject: Re: VoIP Hopper: New test tool
Date: 12 Sep 2007 18:54:59 -0000 
OMG this is music to my ears... For the last month I have been testing the 
Voice VLAN Vulnerability W/CDP in a lab at my job. I figured if you currently 
have a data vlan configured with Mac Sticky and 802.1x Authentication you might 
be setting your self back by adopting a voice VLAN that only requires a phone 
to send a CDP packet to basically "Authenticate or place it on the Voice side"  
I have been using Yersinia and CDP to spoof CDP packets of what would resemble 
a Cisco Phone. I noticed that the switch is seeing this traffic and placing me 
onto the voice VLAN instead of the data side but I could not for the life of me 
figure out how to communicate with the DHCP server and/or any other service for 
that matter. I am definately going to check this tool out to see I can finally 
close this chapter. Thanks!

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Wiping Solaris Servers, Holstein, Robert - BLS CTR
Next by Date:  Re: Wiping Solaris Servers, Adrian Sanabria
Previous by Thread:  VoIP Hopper: New test tool, Jason Ostrom
Next by Thread:  Re: Windows firewall question, Claudio Broglia
Indexes:  [Date] [Thread] [Top] [All Lists]