Questions tagged [vlans]

42 questions
90 votes, 10 answers

Why do people tell me not to use VLANs for security?

I have a network where I have a couple of VLANs. There is a firewall between the 2 VLANs. I am using HP ProCurve switches and have made sure that switch-to-switch links accept tagged frames only and that host ports don't accept tagged frames (They…
jtnire
19 votes, 4 answers

Threat assessment for a captive portal

I am interested in setting up a captive portal on a wireless network. From what I understand I would do this by initially having all guests in a temporary vlan, moving them to the real vlan when authenticated or against some other criteria. What…
Sonny Ordell
9 votes, 1 answer

Management Network Best Practices

I am looking at setting up a Management vlan, on which I will put all the Management interfaces for my various networkable devices (Firewall Mgmt Interfaces, Server RAC, WAP Mgmt Interfaces, etc). What are best practices when it comes to accessing…
Josh Brower
6 votes, 4 answers

Building an info sec VM lab - safe to keep on my home network?

I'm a new member making my first post here. I had a very quick, and admittedly basic, question. I'm setting up an info sec lab for the first time at home. I'm trying to build some more technical skills with things like Kali Linux, pfSense, etc. to…
MK_09
5 votes, 2 answers

Segmenting Virtual Network Traffic

I have a basic to moderate understanding of VLANs and their pros and cons as they relate to network segmentation, but I'm wondering where to start as one moves into virtualized environments. From a security perspective, how does traditional VLAN…
Univ426
5 votes, 1 answer

VLAN Device Isolation - Feasibility

To mitigate the risk of malware propagating through a network, how reasonable is it to place each and every device on its own VLAN (complete isolation)? Note: The devices do not need to communicate to each other at all. Secondary…
SheerKahn
4 votes, 2 answers

Bypassing Trustwave NAC

I'm currently doing a penetration test for a client, who are using Trustwave NAC to prevent unauthorized physical access to their network. I would like to know if there are any possible ways to bypass this. Client is putting a lot of faith in their…
Sonny Ordell
4 votes, 2 answers

In a LAN environment, can you fake the IP address while also being able to receive the response?

Looks like nmap could fake the source IP address and get a valid response, but only in a LAN environment. I'm not sure how it works. Here's my thought: you created a packet with a fake IP address and a fake MAC address (associated with the fake IP), so…
daisy
4 votes, 1 answer

Isolate a Virtualbox VM from local network

I have the need to isolate a virtual machine created with VirtualBox from the local network, but I need to provide internet access to that machine. It is the first time that I face this kind of problem. Different solutions came up in my mind: create…
Federico
3 votes, 1 answer

Security criteria for selecting a network switch?

I am looking to purchase a switch with 24+ ports. The set of security criteria that I should bear in mind when selecting a switch is not clear to me. I have tried to take other networking security issues into account already, and I'm only asking…
taltman
3 votes, 1 answer

How to do layer 3 VLAN hopping?

I am connected to a layer 3 switch used to create IP subnet-based VLANs. Is there any way to do VLAN hopping? Note that this isn't using 802.1q; it's not port-based L2.
user1028
3 votes, 2 answers

Is switching protocols a security measure worth implementing?

We deploy our internet-facing applications in multiple VLANs and there is a rule that talking from one VLAN to the next has to be done in another protocol or another implementation of the protocol. E.g. [Internet] --https-> [apache@VLAN1] --ajp-->…
n3utrino
3 votes, 1 answer

Are Cisco switches vulnerable to VLAN hopping?

Are Cisco switches vulnerable to VLAN hopping? We use Layer 2+ and Layer 3 switches in a hardened environment. They are IE-3000 and IE-4000 series switches. We want to perform a vulnerability scan at many levels, but we are concerned mainly about…
rockower
3 votes, 1 answer

Should a backup server be on a separate subnet / vlan from other machines on the network?

Should a backup server be on a separate VLAN/subnet from the systems it backs up? And should the routes only go one way from inside the VLAN/subnet of the backup server out to the clients and subnets that it backs up? So that the clients can't get…
leeand00
2 votes, 2 answers

ASA5505 DMZ issue

I have an ASA5505, connected to the WAN on port 0 (called Vlan2), and connected to my development LAN on port 7 (called Vlan1). I want to add a DMZ, and I connected a switch and servers to port 3, and called it Vlan3. These are my settings: interface Vlan1 …
gabi