[ovs-discuss] using Open vSwitch in VirtualBox for security training
Ben Pfaff
blp at nicira.com
Fri Sep 17 17:00:17 UTC 2010
On Fri, Sep 17, 2010 at 05:53:42PM +0100, Robin Wood wrote:
> On 17 September 2010 17:37, Ben Pfaff <blp at nicira.com> wrote:
> > On Fri, Sep 17, 2010 at 05:34:02PM +0100, Robin Wood wrote:
> >> * put my on a specific VLAN then see if I can get on to others, i.e.
> >> getting on the voice VLAN and hopping to a data one
> >
> > What kind of switch feature would help testing this?
>
> Not sure, I'll try to describe it a bit better. I do security audits
> for clients and some of them have have VLANs setup, what I want to
> look are things like what would I need to compromise to see the most
> traffic, or how to try to get from a guest VLAN to the one that
> handles card processing when doing PCI audits.
>
> For hopping, there are tools out there but I've not looked at them
> just because I haven't had the facilities to test them.
A quick search for "vlan hopping tools" turned up a description of
"VoIP Hopper":
http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/
If OVS is vulnerable to this kind of problem (it shouldn't be) I'd like
to hear about it; we'll fix it.
More information about the discuss
mailing list