Storage News
Security News
Networking News 
 FREE NEWSLETTERS
search
 

internet.commerce
Be a Commerce Partner
GPS
Data Center Solutions
Remote Online Backup
Corporate Gifts
KVM over IP
Condos For Sale
Computer Deals
Disney World Tickets
Online Education
Memory
Televisions
KVM Switch over IP
Computer Hardware
Shop Online

internet.com
IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers


  Rethinking the Datacenter
Sponsored by HP
Today's datacenters need to increase utilization, get control over power and cooling costs, and align with business objectives. Download this eBook to learn about the challenges facing the data center in a world where digital information is growing at a torrid pace and costs are being held in check. Learn more. »
 
  Putting the Green into IT
Sponsored by HP
Electricity use in data centers is skyrocketing, sending energy bills through the roof, creating environmental concerns and generating negative publicity. "Going Green" means looking to technologies like virtualization, energy-efficient chips and racks, and implementing policies that extend beyond the data center. Learn more. »
 
  Managing the Modern Network
Sponsored by HP
In a global economy where information crosses the globe in an instant, and where Web-based applications power business, it's more important than ever to ensure your network is safe from threats and optimized to deliver the data your business needs. »
 
  Evaluating Software as a Service for Your Business
Sponsored by Webroot
Is Software as a Service just hype, or is something really going on here? See if your company can benefit as SaaS tries to change the face of the enterprise. »
 
  Is Your Disaster Recovery Plan Good Enough?
Sponsored by HP
Preparing for a disaster is more often than not part of the storage planning process, and it is one of the most difficult tasks, since it includes local hardware and software, networking equipment, and a test plan. Learn how to get disaster recovery right. »
 

Security Products
 Mazu Profiler (Mazu Networks, Inc)
 MHZ2 CJ Series (Fujitsu Computer Products of America, Inc)
 Secure Mail / Secure DOX (Echoworx Corp)
 Enterprise Security Reporter (ScriptLogic Corp)
 AlgoSec Firewall Analyzer (Algorithmic Security, Inc)
 Gatekeeper / Firestick (Yoggie Security Systems)
» Enterprise IT Planet » Security » Security Features

Download: SQL Compare Pro 6--For improving the speed and quality of your database changes SQL Compare has no comparison. It's faster, easier and it's around 90% more cost effective than the alternatives. Try it today for free!

Testing Switches for Vulnerabilities

October 30, 2006

Email Print Digg This Add to del.icio.us

by Andrew Whitaker and Daniel Newman

From Penetration Testing and Network Defense, Chapter 10, pp. 333-337 - Cisco Press. Reprinted with permission.

Routers are not the only networking devices that are vulnerable to attack. You should also thoroughly test your switches on your LAN. Following are some of the methods for testing switches:

  • VLAN hopping
  • Spanning Tree attacks
  • MAC table flooding
  • ARP attacks
  • VTP attacks

VLAN Hopping

VLANs are a Layer 2 method of segmenting your broadcast domains. VLANs are also often used to provide additional security on networks because computers on one VLAN cannot talk to users on another VLAN without explicit access through the use of inter-VLAN routing or a multilayer switch. However, as you shall soon see, VLANs by themselves are not enough to secure your environment. Through VLAN hopping, a malicious hacker can hop from one VLAN to another, even if he is not authorized.

VLAN hopping relies on the Dynamic Trunking Protocol (DTP). If you have two switches that are connected, DTP can negotiate between the two to determine if they should be an 802.1Q trunk. Negotiation is done by examining the configured state of the port. There are five states, as described in the DTP States table below.

DTP States

State Description
On Port is configured to be a trunk.
Off Port is configured to be an access port and should not be a trunk.
Auto Port is set to auto-negotiate a trunk status. Will become a trunk if the other switch actively wants to be a trunk
Desirable Port is set to auto-negotiate a trunk and actively announces that it wants to be a trunk.
Nonegotiate Port disables DTP and sets it to be a trunk. There will be no negotiation.

Both switches need to agree to be trunks before a trunk link is established. Table 10-3 shows the required states necessary for a trunk to be made.

DTP Negotiation

Switch 1 States
Switch 2 States		 ON OFF AUTO DESIRABLE NONEGOTIATE
ON Trunk   Trunk Trunk  
OFF          
AUTO Trunk     Trunk  
DESIRABLE Trunk   Trunk Trunk  
NONEGOTIATE         Trunk

Trunk links carry traffic from all VLANs. In 802.1Q trunking, which DTP negotiates, four bytes are added to the Ethernet header to define what VLAN a frame is a member of. When a frame leaves the trunk and enters another switch, the 802.1Q shim header is removed, the frame check sequence is recalculated, and the frame is brought back to its original form.

VLAN hopping exploits the use of DTP. In VLAN hopping, you spoof your computer to appear as another switch. You send a fake DTP negotiate message announcing that you would like to be a trunk. When the real switch hears your DTP message, it thinks it should turn on 802.1Q trunking. When trunking is turned on, all traffic for all VLANs is sent to your computer. The following figure illustrates this process.

VLAN Hopping

VLAN Hopping

After a trunk is established, you either can proceed to sniff the traffic, or you can send traffic by adding 802.1Q information to your frames that designate which VLAN you want to send your attack to.

Go to page: 1  2  3  Next  

Email Print Digg This Add to del.icio.us

Security Features Archives

eBook: Evaluating Software as a Service for Your Business. Sponsored by Webroot
Whitepaper: Enterprise Information Integration--Deployment Best Practices for Low-Cost Implementation
Stay up to date! Get real-time news and reviews about the latest innovations in internet technology.
Data Sheet: IBM Information Server Blade
Increase your reach with unlimited Webinars for one low rate. Try GoToWebinar FREE.



Featured Solutions for Technology Professionals from Internet.com
eBook: Storage Networking, Part 1
Sponsored by HP
A storage network is any network that's designed to transport block-level storage protocols. But understanding the ins and outs of networked storage takes you deep into several of protocols. This guide covers SANs, Fibre Channels, Disk Arrays, Fabric, and IP Storage. Learn more.



JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
Solutions
Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Microsoft Article: 7.0, Microsoft's Lucky Version?
Microsoft Article: Hyper-V--The Killer Feature in Windows Server 2008
Avaya Article: How to Feed Data into the Avaya Event Processor
Microsoft Article: Install What You Need with Windows Server 2008
HP eBook: Putting the Green into IT
Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
Avaya Article: Setting Up a SIP A/S Development Environment
IBM Article: How Cool Is Your Data Center?
Microsoft Article: Managing Virtual Machines with Microsoft System Center
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
Intel Video: Are Multi-core Processors Here to Stay?
On-Demand Webcast: Five Virtualization Trends to Watch
HP Video: Page Cost Calculator
Intel Video: APIs for Parallel Programming
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
Sun Download: Solaris 8 Migration Assistant
Sybase Download: SQL Anywhere Developer Edition
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
 Red Gate Download: SQL Compare Pro 6
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
IBM Article: Collaborating in the High-Performance Workplace
HP Demo: StorageWorks EVA4400
 Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
Microsoft How-to Article: Get Going with Silverlight and Windows Live
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES