Tag: cisco switch

STP Layer 2 attack – Manipulating Spanning Tree Protocol settings

Redundant links are always welcome in switch topology as they are increasing the network’s availability and robustness.

Redundant links, if we look at them from layer 2 perspective, can cause Layer 2 loops. This is simply because TTL (Time To Live) field of the packet is found in Layer 3 header and L2 doesn’t have such a field.

On L3, this means that TTL number will be diminished only when the packet is passing through the router. There is no way to “kill” a packet that is stuck in layer 2 loop. This situation can result in broadcast storms.

Fortunately, Spanning Tree Protocol (STP) can allow you to have redundant links while having a loop-free topology, thus preventing the potential for a broadcast storm.

| Continue Reading.. |

VLAN hopping attack – Switch Spoofing and Double tagging

VLAN hopping attack can be possible by two different approaches, Switch Spoofing or Double tagging.

When you are in a situation where you need to configure and set up the security of VLAN trunks, also consider the potential for an exploit called VLAN hopping.

An attacker can craft and send positioned frames on one access VLAN with spoofed 802.1Q tags so that the packet end up on a totally different VLAN and all this without the use of a router.

| Continue Reading.. |