VLAN Hopping

7 Terms

1

Virtual Local Area Network (VLAN)

used to partition any broadcast domain and isolate it from the rest of the network at the data link layer (Layer 2) of the OSI model

  • Layer 3 routing is used between VLANs, which allows access control lists to be applied to segregate and filter inter-VLAN traffic efficiently

2

VLAN Hopping

a technique that exploits a misconfiguration to direct traffic to a different VLAN without proper authorization

accomplished with either:

  • double tagging

  • switch spoofing

  • MAC table overflow attack

3

Double Tagging

a method where the attacker tries to reach a different VLAN using vulnerabilities in the trunk port configuration

4

DoS or Stress Testing Attack

the other reason for using double tagging: situations where obtaining a response back is not necessarily required

5

to prevent a double tagging attack from being successful…

  • change the default native VLAN (VLAN ID 1) to another identifier

  • avoid adding user devices to the native VLAN

6

Switch Spoofing

occurs when an attacker attempts to use the Dynamic Trunking Protocol (DTP) to negotiate a trunk port with a switch

7

MAC Table Overflow Attack

allows VLANs to no longer be enforced

  • overloaded CAM tables result in switches “failing open” and beginning to act like a hub (a hub repeats every frame it receives)