On Mar 25, 2007, at 11:24 AM, bofh wrote:
On 3/25/07, Jason Dixon <[EMAIL PROTECTED]> wrote:
Disabling DTP, which should be done anyways, will prevent VLAN
hopping. I'm not sure what "arp-based thing" you're referring to
that wasn't fixed 5-6 years ago. Perhaps you're referring to arp
spoofing, which has nothing to do with VLANs. Please clarify.
My point was that there may be future vulnerabilities, and it may be a
good idea to keep that in mind for the original poster's designs.
There may also be future vulnerabilities in physical ethernet. Guess
you'd better unplug now! ;-)
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net
