Vulnerability Development mailing list archives
Vlans
From: Tim Salus <tsalus () CBOSS COM>
Date: Wed, 17 Jan 2001 09:02:03 -0800
I am not certain if this is the place to ask this, and if not, please let me know where to send it.

I have a client who has the following configuration:

Internet -> router -> firewall -> load balancer

The connection from the router to the firewall is on a switch, and the connection from the inside interface of the firewall is on the same switch. The separation is done using VLANs. I was taught this is bad due to 802.1q tagging and VLAN hopping using tagged packets. The problem is I can find very little information on this to prove my point.

Also, what if there is no 802.1q trunking being done? Is there still a problem with this? Is there an exploit to get around the firewall and do server flooding by jumping VLANs? No one can get on the firewall segment, so what I need to know is: can anyone on the internet cause a problem with this type of configuration?

Thanks in advance,
Timothy L. Salus