
LAN switch security: what the hackers know that you don't

Author experts explain how to thwart ARP spoofing, ARP poisoning, P2P traffic, wireless LAN threats and more during a live Network World Chat.
By Keith Shaw, Network World, 11/15/2007

Moderator-Julie: Welcome to Network World Chats. Today's guest is author expert Christopher Paggen discussing the topic, LAN switch security: What hackers know about your switches. He penned a book of the same title. We have a surprise guest coming today, too; Chris's co-author, Eric Vyncke (but Eric will be joining us late). 

Christopher_Paggen: Hello - glad to be here!

ARP spoofing and ARP poisoning

Moderator-Keith: Why should we care about LAN security? Outside hackers can't do much (we're behind a firewall), and we're pretty sure that employees aren't engaging in illicit activities.

Christopher_Paggen: While you are correct with regard to the firewall protecting you from outside LAN attacks, LAN-borne attacks are always performed locally by someone hooked up to a local network port. The range of people performing LAN attacks can range from adventurous employees "playing around" with Swiss-army-knife tools to motivated malicious guests trying to harvest confidential data.

BartKnight: I've heard it's possible for a hacker operating inside the company to intercept all LAN traffic without ever being noticed. How is this possible?

Christopher_Paggen: Yes, it's indeed possible by using ARP poison routing.

Stiekes: How many of the LAN security risks are more accurately characterized as resulting from compromises of host systems?

Christopher_Paggen: Many very potent LAN attacks such as ARP spoofing are performed on a remote machine connected to the same LAN as the victim(s). So even if your host is patched with the latest antivirus software, it talks on the Ethernet segment and remains subject to communication hijacking.

Sully: What about VLAN hopping on a switch? Is it possible and, if so, then how can it be prevented?

Christopher_Paggen: VLAN hopping is one of the trickiest attacks in the sense that it takes many favorable conditions lined up to occur. While tools such as Yersinia make it easy to attempt, the return from a hacker's perspective is fairly minimal: malicious traffic is injected one way from the hacker to the victim. The hacker gets no feedback from the victim, as traffic coming back from the victim won't hop VLANs back to the hacker. All in all, I would rate this a low-severity, hard-to-perform attack.


Comments (2)

The forest for the trees syndrome.
By meatpieandtatters on November 19, 2007, 5:38 pm
Yet again, short-sighted recommendations leave the readers worse off. Regardless of how easy or prevalent ARP poisoning may be, it's still one of numerous threats...

LAN switch security: Your deepest fears answered
By Cisco Subnet on November 15, 2007, 5:59 pm
ARP poisoning by a hacker is probably the worst attack your LAN could suffer because it's extremely sneaky, very efficient and all too easy to perform. But there...