VLAN Hopping Attack


VLAN hopping is an attack designed to send traffic to a VLAN other than the one the attacking host is in.

  • exploits the default VLAN feature of 802.1Q
    • default VLANs are designed to provide compatibility with switches that are not VLAN-capable
    • an attacker on a device in the default VLAN crafts a frame with two VLAN tag headers
    • the first trunk switch to inspect the frame strips the outer header and forwards the frame to the target VLAN
    • this attack can only send packets one way (no return traffic reaches the attacker)
      • but it could be used to perform a DoS attack against a host on a different VLAN
  • can also be launched by attaching a device that spoofs the operation of a switch to the network and negotiating the creation of a trunk port
    • as a trunk port, the attacker's device will receive all inter-VLAN traffic
  • Mitigate by:
    • using physically separate switches

Spanning Tree Protocol Manipulation Attack

  • STP is normally configured on a network with several switches
  • its primary purpose is to prevent switching loops
  • to make STP work, a single switch is designated as the root bridge
  • if an attacker becomes the root bridge, they are able to see a variety of frames that they normally would not see
  • to perpetrate this attack,
    • the attacker inserts their switch into the tree and manipulates it so that their switch is appointed root bridge
    • they can then use a sniffer to collect data
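Both attacks above leave a visible trace on the wire: a double-tagged 802.1Q frame (two consecutive tag headers) and STP BPDUs that advertise a root bridge other than the one the network is supposed to have. The script below is an added example, not part of the original notes, that parses raw Ethernet frames, walks the 802.1Q/802.1ad tag stack, and decodes Configuration BPDUs, flagging either condition. The expected root MAC and all frames are constructed test data (assumptions, not captured traffic); in practice the frames would come from a mirror/SPAN port feed.

```python
"""Passive switch-traffic audit: flags 802.1Q double-tagged frames and STP
BPDUs whose advertised root bridge is not the one we expect.
Added example; EXPECTED_ROOT and the sample frames are constructed, not captured."""
import struct

ETHERTYPE_CTAG = 0x8100          # 802.1Q customer tag
ETHERTYPE_STAG = 0x88A8          # 802.1ad service tag (QinQ outer tag)
STP_MULTICAST = bytes.fromhex("0180c2000000")   # destination of all STP BPDUs
LLC_STP = b"\x42\x42\x03"        # LLC header: DSAP/SSAP 0x42, UI control field


def parse_frame(frame):
    """Split an Ethernet frame into (dst, src, [vlan ids], EtherType/length, payload).
    Every consecutive 0x8100/0x88A8 header is consumed, so a double-tagged frame
    yields two VLAN IDs."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    tags, offset = [], 12
    while True:
        if offset + 2 > len(frame):
            raise ValueError("truncated EtherType field")
        (etype,) = struct.unpack_from("!H", frame, offset)
        if etype not in (ETHERTYPE_CTAG, ETHERTYPE_STAG):
            return dst, src, tags, etype, frame[offset + 2:]
        if offset + 4 > len(frame):
            raise ValueError("truncated 802.1Q tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append(tci & 0x0FFF)          # low 12 bits of the TCI are the VLAN ID
        offset += 4


def parse_bpdu_root(payload):
    """Return (root priority, root MAC) from an LLC-encapsulated Configuration
    BPDU (STP type 0x00 or RSTP type 0x02), or None if the payload is not one."""
    if not payload.startswith(LLC_STP) or len(payload) < 3 + 13:
        return None
    bpdu = payload[3:]
    proto, _version, bpdu_type = struct.unpack_from("!HBB", bpdu, 0)
    if proto != 0 or bpdu_type not in (0x00, 0x02):
        return None
    (priority,) = struct.unpack_from("!H", bpdu, 5)   # root ID follows the flags byte
    return priority, bpdu[7:13].hex(":")


def audit_frame(frame, expected_root_mac):
    """Return a list of human-readable findings for one frame (empty if clean)."""
    findings = []
    dst, src, tags, _etype, payload = parse_frame(frame)
    if len(tags) > 1:
        findings.append(f"double-tagged frame from {src.hex(':')}: "
                        f"outer VLAN {tags[0]}, inner VLAN {tags[1]}")
    if dst == STP_MULTICAST:
        root = parse_bpdu_root(payload)
        if root is not None and root[1] != expected_root_mac:
            findings.append(f"BPDU from {src.hex(':')} advertises root {root[1]} "
                            f"(priority {root[0]}), expected {expected_root_mac}")
    return findings


# ---- constructed test data (assumed values, not real network captures) ----
HOST_A = bytes.fromhex("0200aaaaaa01")
HOST_B = bytes.fromhex("0200bbbbbb02")
EXPECTED_ROOT = "00:11:22:33:44:55"   # the root bridge we expect to see advertised


def _tag(vlan):
    return struct.pack("!HH", ETHERTYPE_CTAG, vlan)


def _config_bpdu(root_priority, root_mac_hex):
    """Build an 802.3 frame carrying a minimal STP Configuration BPDU."""
    body = struct.pack("!HBBB", 0, 0, 0, 0)                       # proto, version, type, flags
    body += struct.pack("!H", root_priority) + bytes.fromhex(root_mac_hex)   # root ID
    body += struct.pack("!I", 0)                                  # root path cost
    body += struct.pack("!H", root_priority) + bytes.fromhex(root_mac_hex)   # bridge ID
    body += struct.pack("!HHHHH", 0x8001, 0, 20 * 256, 2 * 256, 15 * 256)  # port, timers (1/256 s)
    llc = LLC_STP + body
    return STP_MULTICAST + HOST_A + struct.pack("!H", len(llc)) + llc


IPV4_HEADER_STUB = struct.pack("!H", 0x0800) + b"\x45" + b"\x00" * 19
UNTAGGED_IPV4 = HOST_B + HOST_A + IPV4_HEADER_STUB
DOUBLE_TAGGED = HOST_B + HOST_A + _tag(1) + _tag(20) + IPV4_HEADER_STUB
LEGIT_BPDU = _config_bpdu(32768, EXPECTED_ROOT.replace(":", ""))
ROGUE_BPDU = _config_bpdu(0, "000000aabbcc")

if __name__ == "__main__":
    for name, frame in [("untagged", UNTAGGED_IPV4), ("double-tagged", DOUBLE_TAGGED),
                        ("legit BPDU", LEGIT_BPDU), ("rogue BPDU", ROGUE_BPDU)]:
        print(f"{name:14s}", audit_frame(frame, EXPECTED_ROOT) or "clean")
```

The two checks correspond to the two sections: more than one VLAN tag on a frame should never appear on an access port, and a BPDU naming a different root bridge is exactly what a switch sees while the tree is being re-rooted. Feeding this the frames from a SPAN port gives an early warning for both, independent of whatever port hardening the switches themselves apply.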