Re: HP BL30's and VLAN's

From: jkowall (jkowall@shocking.net)
Date: Fri Mar 04 2005 - 12:10:36 EST


You can ARP spoof any switch that is misconfigured. You can gain a span
port on separated switches as well, it's just 2 spans versus one.

Having proper IDS and monitoring is the only way to detect and prevent
this stuff.

Michael Sierchio wrote:

> jkowall wrote:
>
>> VLANs are just as secure as different switches.
>
>
> I beg to differ. It is possible to gain a spanning port on a
> VLAN switch, either through the normal mechanism or by overloading
> the MAC db.
>
> Even under normal operation, you won't be getting the same
> degree of traffic separation.
>
> Regards,
>
> Michael Sierchio




