Moderator-Julie: Welcome to Network World Chats. Today's guest is author expert Christopher Paggen discussing the topic, LAN switch security: What hackers know about your switches. He penned a book of the same title. We have a surprise guest coming today, too; Chris's co-author, Eric Vyncke (but Eric will be joining us late). 

Christopher_Paggen: Hello - glad to be here!

ARP spoofing and ARP poisoning

Moderator-Keith: Why should we care about LAN security? Outside hackers can't do much (we're behind a firewall), and we're pretty sure that employees aren't engaging in illicit activities.

Christopher_Paggen: While you are correct with regard to the firewall protecting you from outside LAN attacks, LAN-borne attacks are always performed locally by someone hooked up to a local network port. The range of people performing LAN attacks can range from adventurous employees "playing around" with Swiss-army-knife tools to  motivated malicious guests trying to harvest confidential data.

BartKnight: I've heard it's possible for a hacker operating inside the company to intercept all LAN traffic without ever being noticed. How is this possible?

Christopher_Paggen: Yes, it's indeed possible by using ARP poison routing.

Stiekes: How many of the LAN security risks are more accurately characterized as resulting from compromises of host systems?

Christopher_Paggen: Many very potent LAN attacks such as ARP spoofing are performed on a remote machine connected to same LAN as the victim(s). So even if your host is patched with the latest antivirus software, it talks on the Ethernet segment and remains subject to communication hijacking.

Sully: What about VLAN hopping on a switch? Is it possible and, if so, then how can it be prevented?

Christopher_Paggen: VLAN hopping is one of the trickiest attacks in the sense that it takes many favorable conditions lined up to occur. While tools such as Yersinia make it easy to attempt, the return from a hacker's perspective is fairly minimal: malicious traffic is injected one way from the hacker to the victim. The hacker gets no feedback from the victim as traffic coming back from the victim won't hop VLANs back to the hacker. All in all, I would rate this a low severity, hard to perform attack.

Whitepapers

• Best Practices for HP Servers and HP Enterprise Virtual Array in a Microsoft Exchange
• Network-Wide Change Management Visibility with Route Analytics
• REMOTE CONTROL: How to Reduce the Cost, Complexity and Risk of Managing Your Distributed IT Infrastructure
• Steal This Script: Hands-On Tips for Service Impact Network Management
• The Case for an Untethered Enterprise
• Best Practices for WAN Optimization with Data Replication

View more LANS & WANS whitepapers

Webcasts

• WAN Optimization Editorial Webcast
• Best Practices for Deploying WAN Optimization for Disaster Recovery
• Tips and Techniques for Remote Data Backup and Delivery
• WAN Optimization Landscape
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies
• Technical Overview of Exchange Server 2007 with HP Servers and Storage

View more LANS & WANS webcasts

Special Reports

• Network World Executive GUide: The Virtualization Equation
• Get More From Your WAN
• Learn how to Keep your Mobile Workforce Connected
• WAN Optimization: How to rev up sluggish applications
• The Wireless Explosion
• Network World Executive Guide: Perfecting Application Performance Management

View more LANS & WANS special reports