On 17 September 2010 17:37, Ben Pfaff <[email protected]> wrote: > On Fri, Sep 17, 2010 at 05:34:02PM +0100, Robin Wood wrote: >> I'm a security researcher and I want to do some work on sniffing >> traffic in VLANs and playing with VLAN hopping. Is it possible to >> setup Open vSwitch in a way that I could do all this in a VirtualBox >> environment? The kind of things I'm thinking of are: >> >> * start a bunch of machines on different VLANs then place a sniffer at >> different points and see what it can see > > OVS has the ability to mirror packets that arrive on given VLANs to a > specified port or to another VLAN. Does that fit the bill here? > >> * put my on a specific VLAN then see if I can get on to others, i.e. >> getting on the voice VLAN and hopping to a data one > > What kind of switch feature would help testing this? >
Not sure, I'll try to describe it a bit better. I do security audits for clients and some of them have have VLANs setup, what I want to look are things like what would I need to compromise to see the most traffic, or how to try to get from a guest VLAN to the one that handles card processing when doing PCI audits. For hopping, there are tools out there but I've not looked at them just because I haven't had the facilities to test them. I'm finding it hard to describe just because I don't know enough about the area to fully articulate what I'm trying to do and I don't really know what I want/need to do till I've got at least the bones of a lab set up so I can start playing with things. Its late on a Friday, I hope that makes sense. Robin _______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss_openvswitch.org
