VLAN Hopping and Switch Spoofing Flashcards
1
Q
What is VLAN hopping?
A
When a client double-tags a packet so that the top tag is stripped at the trunk, and is sent to the VLAN on the underlying tag by the receiving switch.
2
Q
What must be in place for VLAN hopping to be successful?
A
The malicious host must be connected to an access port that is the same VLAN as the native trunk VLAN.
3
Q
What is switch spoofing?
A
When a malicious host forms a trunk with a switch by sending DTP frames across a port.
4
Q
How can you prevent switch spoofing?
A
Disable DTP on all ports, and ensure that any unused ports are hard-coded to access ports.
5
Q
How can you prevent VLAN hopping?
A
Make sure that your native trunk VLAN is not active on any access ports.