Mitigate VLAN hopping attack – Get rid of Layer 2 attacks
January 16, 2012
Configuration, Security - layer 2
In this article we will mitigate VLAN hopping by switch spoofing in the way that we will disable trunking on the ports who do not have to become trunk ports. Some Cisco switches ports default to auto mode for trunking. That means that the ports automatically become trunk ports if they receive Dynamic Trunking Protocol (DTP) frames on some of the switch ports.