From: Brendan Dolan-Gavitt (mooyix@gmail.com)
Date: Thu Mar 03 2005 - 16:40:18 EST
VLANs were not intended to separate network segments for security; see
http://infiltrated.net/cisco/vlan-insecurities.html
-Brendan
On Thu, 3 Mar 2005 11:22:51 -0500, Merrick, Carl <CMerrick@enfield.org> wrote:
> I am not a pen tester and this is more of a theoretical question for the
> experts. We are in the process of installing HP BL30p blade servers which
> use the GBE2 integrated switch for network connectivity. One of the servers
> installed will be a web server which will run in the DMZ. Connectivity to
> the DMZ will be provided from the GBE2 to a port on the firewall via a VLAN.
> Other internal VLANs will be running on the same GBE2 switch. The question
> is, how secure will this setup be? Is it possible to hack across VLANs on
> the same switch? My preferred configuration is to physically isolate web
> servers.
>
> Thanks. Carl
>