Thursday, September 29, 2011

Pin It


LAN Switch Security

 What Hackers Know About Your Switches

LAN and Ethernet switches are usually considered as plumbing. They are easy to install and configure,
but it is easy to forget about security when things appear to be simple.
Multiple vulnerabilities exist in Ethernet switches. Attack tools to exploit them started to appear a couple
of years ago (for example, the well-known dsniff package). By using those attack tools, a hacker can
defeat the security myth of a switch, which incorrectly states that sniffing and packet interception are
impossible with a switch. Indeed, with dsniff, cain, and other user-friendly tools on a Microsoft Windows
or Linux system, a hacker can easily divert any traffic to his own PC to break the confidentiality or
the integrity of this traffic.
Most vulnerabilities are inherent to the Layer 2 protocols, ranging from Spanning Tree Protocol to IPv6
neighbor discovery. If Layer 2 is compromised, it is easier to build attacks on upper-layers protocols by
using techniques such as man-in-the-middle (MITM) attacks. Because a hacker can intercept any traffic,
he can insert himself in clear-text communication (such as HTTP or Telnet) and in encrypted channels
(such as Secure Socket Layer [SSL] or secure shell [SSH]).
To exploit Layer 2 vulnerabilities, an attacker must usually be Layer 2 adjacent to the target. Although it
seems impossible for an external hacker to connect to a company LAN, it is not. Indeed, a hacker can
use social engineering to gain access to the premises, or he can pretend to be an engineer called on site
to fix a mechanical problem.

No comments:

Post a Comment