Turpin, Mark wrote:
> 
> I'm referring to trunks, sorry.

There were some vulnerabilities related to this, but actually the fix was to
make sure the native VLAN wasn't trunked, if I understand it correctly....
Although the vulnerabilities caused a big stir, they were hard to exploit.
They required physical access to the switch, a Sniffer, and traffic
generation capabilities. Also, Cisco may have made some changes to avoid the
problem after it got reported. But here's the info from SANS:

http://www.sans.org/newlook/resources/IDFAQ/vlan.htm

Priscilla


> 
> -----Original Message-----
> From: MADMAN [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 01, 2002 12:14 PM
> To: Turpin, Mark
> Cc: [EMAIL PROTECTED]
> Subject: Re: Cat2950 VLAN 1 ip address...can't connect [7:50331]
> 
> 
> 
>   Not sure what you mean.  You're not changing the default VLAN, VLAN 1
> will remain, can't delete it, (not talking about trunks).  I know of no
> problems arising when using a VLAN other than 1 for inband connectivity.
> 
>   Dave
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50436&t=50331