[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] VLAN Hacking Tutorial at InfoSec Institute
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] VLAN Hacking Tutorial at InfoSec Institute
- From: Bob Dobbs <bobd10937@xxxxxxxxx>
- Date: Thu, 8 Dec 2011 14:04:12 -0800
This tutorial just rehashes ancient techniques in a general way in spotty
english.The insecurity of ARP among other issues listed are problems on any
layer 2 network and have little to do with VLAN. ARP flooding to make a
switch go into hub mode hasn't been an issue in decent switches for quite a
few years now.
The Cisco whitepaper referenced at the bottom is worth a read though
because proper configuration is indeed important:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml
The @Stake VLAN security whitepaper is a good read also:
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/tech/stake_wp.pdf
Most importantly, it says:
"The results of @stake’s test sequences clearly demonstrate that edge
technologies,
including tools such as VLANs on Cisco Catalyst switches, when configured
according to best-
practice guidelines, can be effectively deployed as security mechanisms.”
On Thu, Dec 8, 2011 at 7:19 AM, Adam Behnke <adam@xxxxxxxxxxxxxxxxxxxx>wrote:
> Ever wanted to learn how to hack a VLAN? Here is a tutorial for all of you:
> ****
>
> ** **
>
> http://resources.infosecinstitute.com/vlan-hacking/****
>
> ** **
>
> ** **
>
> ** **
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/