On 17/02/10 03:54, Corey wrote:
>>I did put all interfaces (in,out,pfsync,management) through VLANs in
msk0
Throwing out a topic for discussion...I have seen a couple of posts on
here regarding use of VLANs to segregate traffic that I would usually
use separate interfaces for. I am just curious what the thoughts of the
list are on this practice. I haven't ever set up VLANs on anything large
or serious, and do not claim to know the security implications, other
than switch/interface misconfiguration possibly getting one into
trouble, and awareness of (but no experience with) tools like dsniff.
There is quite a bit of stuff out there on Google, of course, but I
trust this list more :^)
Thanks in advance.
VLANs are a cool solution.
Make sure you restrict access to those VLANs to only
the ports that should have access.
Also read about 802.1Q since it is the standard way
of doing it.
Giannis
ps. I'm wondering if it's better for the traffic to come and go on the
same card or maybe better to interrupt another card as well...
