RE: Re: Anonymous access to Voice VLAN using CDP

From: Jacek Materna (jmaterna@voipshield.com)
Date: Tue Jul 25 2006 - 18:04:04 EDT

• Next message: Mike Klingler: "Attacking TACACS"
• Previous message: Thor (Hammer of God): "Re: Hidden Copying Software"
• Maybe in reply to: Paul Robertson: "Re: Anonymous access to Voice VLAN using CDP"
• Next in thread: lists@packetfocus.com: "Re: RE: Re: Anonymous access to Voice VLAN using CDP"
• Maybe reply: lists@packetfocus.com: "Re: RE: Re: Anonymous access to Voice VLAN using CDP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Yes,

It is not public, sorry. You can reference some Yersinia and related papers about manipulating VLANs.

Jacek M.
www.voipshield.com

- -----Original Message-----
From: jpecou@gmail.com [mailto:jpecou@gmail.com]
Sent: Monday, July 24, 2006 8:28 PM
To: pen-test@securityfocus.com
Subject: Re: Re: Anonymous access to Voice VLAN using CDP

It doesnt seem feasible to have completely seperate networks in my opinion. The idea is to implement in a cost effective manner and with as little work as possible. I find it odd that data can be trunked through the phone from the pc but in turn the ideal solution is to keep them completely seperate. I guess I can understand your point but like I said this is not the way our VoIP solution has been implemented. My question was "does anyone know of any source code out there that allows you to spoof a CDP packet to allow a machine access to a voice VLAN.?"

- ------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
- ------------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)

iQEVAwUBRMaVVOHyymhaX5d+AQppFgf9Eqqa7fIt4otnYx/FBZj4pZgzxmJJtdnD
3MSUYsByhxAmIoRq8P+PR52M8fTy8+n4WllsUyeqWczGeRI6byfGfARFP6M8fWSI
aHVM9IKEupKhmpKErpcYyuJADckt06rUuwK1U/58Rh1kod1JJW/1x8llCrtyoFoh
tfu139oeG9NEZlxDW62uj2aTsNiPRutyjF/5abbG66kixFK3AQIPu/r1FSaKrVfi
3C5CToLj+qb3WRuYPGTb8QDHIivFug0nNXJ5Y+TEEQ9hsOdWzE+fTtDJvLOsElnd
A4393jfop6Uc08FYRjo8kJxct7aBn4VzkPzpdT6JcI9wjK/C0rlICg==
=YNzd
-----END PGP SIGNATURE-----

• Next message: Mike Klingler: "Attacking TACACS"
• Previous message: Thor (Hammer of God): "Re: Hidden Copying Software"
• Maybe in reply to: Paul Robertson: "Re: Anonymous access to Voice VLAN using CDP"
• Next in thread: lists@packetfocus.com: "Re: RE: Re: Anonymous access to Voice VLAN using CDP"
• Maybe reply: lists@packetfocus.com: "Re: RE: Re: Anonymous access to Voice VLAN using CDP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:23 EDT