Vlan hopping

Hi All,

Does anyone know of Vlan Hopping? Can anyone explain how it works?

Reply to
Sherlock Holmes
Loading thread data ...

Hi,

Sherlock Holmes schrieb:

Yes I can. Lets start that way. You have two switches with a trunk link between them. On both side you have vlan v1 and vlan v2.

He creates a package with a vlan v2 packet header and puts this in a vlan v1 packet. The Switch then transports that packet to the ports. On the trunk port it removes the v1 header and what a surprise there is v2 header. Now it transports the Package to v2 port.

I'm currently didn't remember what the hacker has to do to bring the switch to extract. I only remember something about switchport mode and not set so access. There is a protocol a cisco switch use to find out the port is a trunk or a access port.

When you have still questions left, send me an mal.

So long Alexander

Reply to
Alexander Grü

Hi,

found the Book description:

"VLAN hopping relies on the Dynamic Trunking Protocol (DTP). If you have two switches that are connected, DTP can negotiate between the two to determine if they should be an 802.1Q trunk. Negotiation is done by examining the configured state of the port. "

....

"Trunk links carry traffic from all VLANs. In 802.1Q trunking, which DTP negotiates, four bytes are added to the Ethernet header to define what VLAN a frame is a member of. When a frame leaves the trunk and enters another switch, the 802.1Q shim header is removed, the frame check sequence is recalculated, and the frame is brought back to its original form.

VLAN hopping exploits the use of DTP. In VLAN hopping, you spoof your computer to appear as another switch. You send a fake DTP negotiate message announcing that you would like to be a trunk. When the real switch hears your DTP message, it thinks it should turn on 802.1Q trunking. When trunking is turned on, all traffic for all VLANs is sent to your computer. Figure 10-6 illustrates this process.

After a trunk is established, you either can proceed to sniff the traffic, or you can send traffic by adding 802.1Q information to your frames that designate which VLAN you want to send your attack to. "

I think that describes the thing. So to prevent vlan hopping you should always disable DTP.

So long Alexander

Reply to
Alexander Grü

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.