
RE: VALN hopping

Subject: RE: VALN hopping
Date: Thu, 29 Sep 2005 12:19:15 -0400
Use separate devices, not VLANs, to segregate your DMZ from your internal
network.  What if I was able to establish a trunk link with the switch
from the DMZ and just hop past your firewall? (DTP makes this trivial.)
What if I was able to flood your CAM table with bogus addresses to the
point where it gives up and starts acting as a hub? (An older attack that
doesn't really work against newer devices.)  What if I was able to find
a buffer overflow in Cisco's CDP parser? (I'd have to be good, but it's
possible.)  What if I could shut down your internal network by DOS
attacking the DMZ switch? (DOS attacks against Cisco devices are the most
common exploit found for them.)  The advent of newer switches that have
things like DHCP rogue server detection and ARP inspection merely serves
to add more points where your Ethernet frames get run against more code
in the switches... meaning more opportunity for exploitation and fun and
profit.

No, seriously though, if I see a client using one switch for their
internal and external networks, I ask for more money as I know it's going
to be a rough job.  See Cisco's SAFE implementation diagrams and
propaganda.

Zack Payton 
