VLAN Hopping Flashcards

1
Q

VLAN hopping

A

• Define different VLANs

  • You only have access to your VLAN
    • Good security best practice

• “Hop” to another VLAN - this shouldn’t
happen

  • Two primary methods
    • Switch spoofing and double tagging
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Switch spoofing

A

• Some switches support automatic
configuration
• Is the switch port for a device, or is it a
trunk?

  • There’s no authentication required
  • Pretend to be a switch
  • Send trunk negotiation

• Now you’ve got a trunk link to a switch
• Send and receive from any configured
VLAN

• Switch administrators should disable
trunk negotiation
• Administratively configure trunk
interfaces and device/access interfaces

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Double tagging

A

• Craft a packet that includes two VLAN
tags
• Takes advantage of the “native” VLAN
configuration

• The first native VLAN tag is removed by
the first switch
• The second “fake” tag is now visible to
the second switch
• Packet is forwarded to the target

• This is a one-way trip
• Responses don’t have a way back to
the source host

• Don’t put any devices on the native
VLAN
• Change the native VLAN ID
• Force tagging of the native VLAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly