[ovs-discuss] using Open vSwitch in VirtualBox for security training

Robin Wood robin at digininja.org
Fri Sep 17 16:53:42 UTC 2010


On 17 September 2010 17:37, Ben Pfaff <blp at nicira.com> wrote:
> On Fri, Sep 17, 2010 at 05:34:02PM +0100, Robin Wood wrote:
>> I'm a security researcher and I want to do some work on sniffing
>> traffic in VLANs and playing with VLAN hopping. Is it possible to
>> set up Open vSwitch in a way that I could do all this in a VirtualBox
>> environment? The kind of things I'm thinking of are:
>>
>> * start a bunch of machines on different VLANs then place a sniffer at
>> different points and see what it can see
>
> OVS has the ability to mirror packets that arrive on given VLANs to a
> specified port or to another VLAN.  Does that fit the bill here?
>
>> * put me on a specific VLAN then see if I can get on to others, i.e.
>> getting on the voice VLAN and hopping to a data one
>
> What kind of switch feature would help testing this?
>

Not sure, I'll try to describe it a bit better. I do security audits
for clients and some of them have VLANs set up. What I want to
look at are things like what would I need to compromise to see the most
traffic, or how to try to get from a guest VLAN to the one that
handles card processing when doing PCI audits.

For hopping, there are tools out there but I've not looked at them
just because I haven't had the facilities to test them.

I'm finding it hard to describe just because I don't know enough about
the area to fully articulate what I'm trying to do and I don't really
know what I want/need to do till I've got at least the bones of a lab
set up so I can start playing with things.

It's late on a Friday, I hope that makes sense.

Robin



