[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAMnEBtcOJnNpSB+KNrf+V0zA4W6GeVbdZfDqsV6usTeDe=jcow@mail.gmail.com>
Date: Thu, 8 Dec 2011 14:04:12 -0800
From: Bob Dobbs <bobd10937@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: VLAN Hacking Tutorial at InfoSec Institute
This tutorial just rehashes ancient techniques in a general way in spotty
english.The insecurity of ARP among other issues listed are problems on any
layer 2 network and have little to do with VLAN. ARP flooding to make a
switch go into hub mode hasn't been an issue in decent switches for quite a
few years now.
The Cisco whitepaper referenced at the bottom is worth a read though
because proper configuration is indeed important:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml
The @Stake VLAN security whitepaper is a good read also:
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/tech/stake_wp.pdf
Most importantly, it says:
"The results of @stake’s test sequences clearly demonstrate that edge
technologies,
including tools such as VLANs on Cisco Catalyst switches, when configured
according to best-
practice guidelines, can be effectively deployed as security mechanisms.”
On Thu, Dec 8, 2011 at 7:19 AM, Adam Behnke <adam@...osecinstitute.com>wrote:
> Ever wanted to learn how to hack a VLAN? Here is a tutorial for all of you:
> ****
>
> ** **
>
> http://resources.infosecinstitute.com/vlan-hacking/****
>
> ** **
>
> ** **
>
> ** **
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists