DK
Uploaded byDhaval Khairnar
PPTX, PDF399 views

Frogger vlan hopping

This document provides an overview of VLANs, trunk ports, and related protocols. It discusses the basics of VLANs including their purpose of logically segmenting networks. It describes trunk ports and the protocols used to carry traffic from multiple VLANs over trunk links, such as ISL and 802.1Q tagging. The document also covers the Cisco Discovery Protocol (CDP) used to share information between Cisco devices, as well as the Dynamic Trunking Protocol (DTP) used to negotiate trunking. Finally, it lists some mitigation techniques like disabling trunking and securing ports to prevent VLAN hopping attacks.

Embed presentation

Download to read offline
Frogger VLAN Hopping 1
Agenda ● Basics of VLAN ● Need of VLAN ● Basicks of TRUNK port ● CDP Packets ● DTP ● Mitigation ● Demo & Prerequisites 2
VLAN ● VLANs is a Layer 2 network protocol. A VLAN is a group of devices on one or more LANs that are configured to communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible. ● Traffic cannot pass directly to another VLAN (between broadcast domains) within the switch or between two switches. To interconnect two different VLANs, you must use routers or Layer 3 switches. 3
Need of VLAN ● The network needs to configure a port into the suitable VLAN in order to achieve change, add or move. ● In the VLAN a group of users with the demand of high security can be included so that the external users out the VLAN cannot interact with them. ● When it comes to logical classification of users in terms of function, we can consider VLAN as independent from their geographic or physical locations. ● Even the security of network can be enhanced by VLAN. 4
5 Basic VLAN Diagram
VLAN Trunk ● Trunks are used to carry traffic that belongs to multiple VLANs between devices over the same link. A device can determine which VLAN the traffic belongs to by its VLAN identifier. The VLAN identifier is a tag that is encapsulated with the data. ISL and 802.1Q are two types of encapsulation that are used to carry data from multiple VLANs over trunk links. ● ISL: It is a Cisco proprietary protocol for the interconnection of multiple switches and maintenance of VLAN information as traffic goes between switches and can support up to 1000 VLANs. ● 802.1Q(Dot1Q): It is the IEEE standard for tagging frames on a trunk and supports up to 4096 VLANs. 6
CDP ● Cisco Discovery Protocol (CDP) is a proprietary Data Link Layer protocol developed by Cisco Systems. It is used to share information about other directly connected Cisco equipment, such as the operating system version and IP address. ● CDP announcements are sent at every 60 seconds on interfaces. 7
DTP ● The Dynamic Trunking Protocol (DTP) is a proprietary networking protocol developed by Cisco Systems for the purpose of negotiating trunking on a link between two VLAN-aware switches, and for negotiating the type of trunking encapsulation to be used. It works on Layer 2 of the OSI model. ● DTP Attack... ● We can craft bogus DTP frames in order to negotiate a trunk port mode from the switch. This trunking connection would allow us to inject traffic into whatever VLAN’s are allowed on the port. Worst case scenario, this will include ALL VLAN’s by default. The attacker can also gain access to VIEW any traffic traversing any VLAN’s the port can now view!!! 8
Modes of Switch Port ● Access -- Puts the LAN port into permanent non-trunking mode and negotiates to convert the link into a non-trunk link. The LAN port becomes a non-trunk port even if the neighboring LAN port does not agree to the change. (PC, Server, Printer, etc…) ● Trunk -- Puts the LAN port into permanent trunking mode and negotiates to convert the link into a trunk link. The LAN port becomes a trunk port even if the neighboring port does not agree to the change. (Switch to Switch) ● Dynamic Auto -- Makes the LAN port willing to convert the link to a trunk link. The LAN port becomes a trunk port if the neighboring LAN port is set to trunk or dynamic desirable mode. 9
● Dynamic Desirable (Default Mode) -- Makes the LAN port actively attempt to convert the link to a trunk link. The LAN port becomes a trunk port if the neighboring LAN port is set to trunk, dynamic desirable, or dynamic auto mode. ● Nonegotiate -- Puts the LAN port into permanent trunking mode but prevents the port from generating DTP frames. You must configure the neighboring port manually as a trunk port to establish a trunk link. 10
Demo 11 Reference ● https://github.com/nccgroup/vlan-hopping---frogger Prerequisites ● ARP Scan, Yersina, Tshark, Screen, Vconfig
Mitigation ● Disabling Trunking ● Prevent Switch Spoofing ● Ensure that ports are not set to negotiate trunks automatically by disabling DTP ● Prevent double tagging ● Simply do not put any hosts on VLAN 1 (The default VLAN) ● Change the native VLAN on all trunk ports to an unused VLAN ID 12

More Related Content

PPTX
SNMP(Simple Network Management Protocol)
byMohammad Awais Javaid
 
PDF
Intro to containerization
byBalint Pato
 
PPTX
Integrating Microservices with Apache Camel
byChristian Posta
 
PDF
REST - Representational state transfer
byTricode (part of Dept)
 
PDF
Introduction to Docker storage, volume and image
byejlp12
 
PDF
Docker Introduction
byRobert Reiz
 
PDF
CNCF Singapore - Introduction to Envoy
byHarish
 
PPTX
Network defenses
byPrachi Gulihar
 
SNMP(Simple Network Management Protocol)
byMohammad Awais Javaid
 
Intro to containerization
byBalint Pato
 
Integrating Microservices with Apache Camel
byChristian Posta
 
REST - Representational state transfer
byTricode (part of Dept)
 
Introduction to Docker storage, volume and image
byejlp12
 
Docker Introduction
byRobert Reiz
 
CNCF Singapore - Introduction to Envoy
byHarish
 
Network defenses
byPrachi Gulihar
 

What's hot

PPTX
Ame 2269 ibm mq high availability
byAndrew Schofield
 
PPTX
MP BGP-EVPN 실전기술-1편(개념잡기)
byJuHwan Lee
 
PPTX
Subversion
byUniversity of Texas at Dallas
 
PPTX
React js Demo Explanation
byRama Krishna Vankam
 
PDF
Tunnel vs VPN on Mikrotik
byGLC Networks
 
PPTX
Docker Swarm for Beginner
byShahzad Masud
 
PDF
NFS(Network File System)
byudamale
 
PPTX
Introduction to Docker - 2017
byDocker, Inc.
 
PDF
Introduction to Testcontainers
byVMware Tanzu
 
PDF
Docker swarm
byAlberto Guimarães Viana
 
PPTX
Grafana optimization for Prometheus
byMitsuhiro Tanda
 
PDF
SDN Presentation
byAbderrahmane TEKFI
 
PDF
Securite des Web Services (SOAP vs REST) / OWASP Geneva dec. 2012
bySylvain Maret
 
ODP
Apache ppt
bypoornima sugumaran
 
PPTX
Docker Basics
byDuckDuckGo
 
PPTX
Ceph Introduction 2017
byKaran Singh
 
PPTX
Docker 101 : Introduction to Docker and Containers
byYajushi Srivastava
 
PDF
Ceph Day Shanghai - Ceph Performance Tools
byCeph Community
 
PPTX
CI/CD Development in Kubernetes - Skaffold
bySuman Chakraborty
 
PPTX
Containers and workload security an overview
byKrishna-Kumar
 
Ame 2269 ibm mq high availability
byAndrew Schofield
 
MP BGP-EVPN 실전기술-1편(개념잡기)
byJuHwan Lee
 
Subversion
byUniversity of Texas at Dallas
 
React js Demo Explanation
byRama Krishna Vankam
 
Tunnel vs VPN on Mikrotik
byGLC Networks
 
Docker Swarm for Beginner
byShahzad Masud
 
NFS(Network File System)
byudamale
 
Introduction to Docker - 2017
byDocker, Inc.
 
Introduction to Testcontainers
byVMware Tanzu
 
Docker swarm
byAlberto Guimarães Viana
 
Grafana optimization for Prometheus
byMitsuhiro Tanda
 
SDN Presentation
byAbderrahmane TEKFI
 
Securite des Web Services (SOAP vs REST) / OWASP Geneva dec. 2012
bySylvain Maret
 
Apache ppt
bypoornima sugumaran
 
Docker Basics
byDuckDuckGo
 
Ceph Introduction 2017
byKaran Singh
 
Docker 101 : Introduction to Docker and Containers
byYajushi Srivastava
 
Ceph Day Shanghai - Ceph Performance Tools
byCeph Community
 
CI/CD Development in Kubernetes - Skaffold
bySuman Chakraborty
 
Containers and workload security an overview
byKrishna-Kumar
 

Similar to Frogger vlan hopping

PPT
Day 14.2 inter vlan
byCYBERINTELLIGENTS
 
PPTX
Virtual Local Area Network
byAtakan ATAK
 
PDF
W3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdf
bygummybear37
 
PPTX
LAN Switching and Wireless: Ch3 - Virtual Local Area Networks (VLANs)
byAbdelkhalik Mosa
 
PPT
vlaN.pptgfggdfgdrgsegtrgthyrtewgsrdhftjf
bypeterhaile1
 
PPTX
VLAN
byISMT College
 
PPTX
VLAN (Virtual Local Area Network) Full details.pptx
byVignesh kumar
 
PDF
Day 5 VIRTUAL LANS
byanilinvns
 
PPTX
VIRTUAL LANS
byanilinvns
 
PPTX
Enterprise network design multi layer network and security.pptx
bybipinbhattarai12
 
PPTX
Week 9 VLAN, SISTIM INFORMASI MANAGEMEN
bySetyady Peace
 
PDF
Switching
byNetwax Lab
 
PPT
Ccna3 mod9-vtp
byjmdoger
 
PDF
Chapter 8 .vlan.pdf
bymanojkumar595505
 
PPTX
ccna3mod9_VLAN Trunking Protocol (1).pptx
byGiyaShefin
 
PDF
Exploiting First Hop Protocols to Own the Network - Paul Coggin
byEC-Council
 
PPT
Tn 310 vlan-trunking
bysali Ibrahimu
 
PPT
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
byMR. VIKRAM SNEHI
 
PDF
Vlan.pdf
byitwkd
 
PPT
CCNA- part 9 vlan
bySandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Day 14.2 inter vlan
byCYBERINTELLIGENTS
 
Virtual Local Area Network
byAtakan ATAK
 
W3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdf
bygummybear37
 
LAN Switching and Wireless: Ch3 - Virtual Local Area Networks (VLANs)
byAbdelkhalik Mosa
 
vlaN.pptgfggdfgdrgsegtrgthyrtewgsrdhftjf
bypeterhaile1
 
VLAN
byISMT College
 
VLAN (Virtual Local Area Network) Full details.pptx
byVignesh kumar
 
Day 5 VIRTUAL LANS
byanilinvns
 
VIRTUAL LANS
byanilinvns
 
Enterprise network design multi layer network and security.pptx
bybipinbhattarai12
 
Week 9 VLAN, SISTIM INFORMASI MANAGEMEN
bySetyady Peace
 
Switching
byNetwax Lab
 
Ccna3 mod9-vtp
byjmdoger
 
Chapter 8 .vlan.pdf
bymanojkumar595505
 
ccna3mod9_VLAN Trunking Protocol (1).pptx
byGiyaShefin
 
Exploiting First Hop Protocols to Own the Network - Paul Coggin
byEC-Council
 
Tn 310 vlan-trunking
bysali Ibrahimu
 
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
byMR. VIKRAM SNEHI
 
Vlan.pdf
byitwkd
 
CCNA- part 9 vlan
bySandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 

Recently uploaded

PDF
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
PPTX
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
PDF
Salesforce Sales Cloud and Generative AI Present a Fresh Approach to Personal...
byMinuscule Technologies
 
PDF
A paper in the leading academic journal Telecommunication Policy cited Scott ...
byScott M. Graffius
 
PDF
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
PPTX
Robot Vacuums are Cleaning Up. The global robot vacuum segment has high marke...
byRobert March
 
PDF
January Patch Tuesday
byIvanti
 
PDF
Profiting from Technological Innovation: Managing Intellectual Property to Bu...
byDavid Teece
 
PDF
Intro to CrafterQ - AI Agent Platform for the Enterprise.pdf
byCrafterQ
 
PDF
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
PDF
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
PPTX
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
PDF
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
PDF
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
PPTX
Accelerate Innovation with Engineering R&D Services
byChetu
 
PDF
Best 10 Dedicated Servers in Amsterdam, Netherlands (2026 Enterprise Edition)...
byAtal Networks
 
PPTX
Storage-and-HCI-Positioning-update-sales.pptx
byhungungphu123
 
PPTX
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
PPTX
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
Salesforce Sales Cloud and Generative AI Present a Fresh Approach to Personal...
byMinuscule Technologies
 
A paper in the leading academic journal Telecommunication Policy cited Scott ...
byScott M. Graffius
 
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
Robot Vacuums are Cleaning Up. The global robot vacuum segment has high marke...
byRobert March
 
January Patch Tuesday
byIvanti
 
Profiting from Technological Innovation: Managing Intellectual Property to Bu...
byDavid Teece
 
Intro to CrafterQ - AI Agent Platform for the Enterprise.pdf
byCrafterQ
 
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
Accelerate Innovation with Engineering R&D Services
byChetu
 
Best 10 Dedicated Servers in Amsterdam, Netherlands (2026 Enterprise Edition)...
byAtal Networks
 
Storage-and-HCI-Positioning-update-sales.pptx
byhungungphu123
 
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 

Frogger vlan hopping

  • 1.
  • 2.
    Agenda ● Basics ofVLAN ● Need of VLAN ● Basicks of TRUNK port ● CDP Packets ● DTP ● Mitigation ● Demo & Prerequisites 2
  • 3.
    VLAN ● VLANs isa Layer 2 network protocol. A VLAN is a group of devices on one or more LANs that are configured to communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible. ● Traffic cannot pass directly to another VLAN (between broadcast domains) within the switch or between two switches. To interconnect two different VLANs, you must use routers or Layer 3 switches. 3
  • 4.
    Need of VLAN ●The network needs to configure a port into the suitable VLAN in order to achieve change, add or move. ● In the VLAN a group of users with the demand of high security can be included so that the external users out the VLAN cannot interact with them. ● When it comes to logical classification of users in terms of function, we can consider VLAN as independent from their geographic or physical locations. ● Even the security of network can be enhanced by VLAN. 4
  • 5.
  • 6.
    VLAN Trunk ● Trunksare used to carry traffic that belongs to multiple VLANs between devices over the same link. A device can determine which VLAN the traffic belongs to by its VLAN identifier. The VLAN identifier is a tag that is encapsulated with the data. ISL and 802.1Q are two types of encapsulation that are used to carry data from multiple VLANs over trunk links. ● ISL: It is a Cisco proprietary protocol for the interconnection of multiple switches and maintenance of VLAN information as traffic goes between switches and can support up to 1000 VLANs. ● 802.1Q(Dot1Q): It is the IEEE standard for tagging frames on a trunk and supports up to 4096 VLANs. 6
  • 7.
    CDP ● Cisco DiscoveryProtocol (CDP) is a proprietary Data Link Layer protocol developed by Cisco Systems. It is used to share information about other directly connected Cisco equipment, such as the operating system version and IP address. ● CDP announcements are sent at every 60 seconds on interfaces. 7
  • 8.
    DTP ● The DynamicTrunking Protocol (DTP) is a proprietary networking protocol developed by Cisco Systems for the purpose of negotiating trunking on a link between two VLAN-aware switches, and for negotiating the type of trunking encapsulation to be used. It works on Layer 2 of the OSI model. ● DTP Attack... ● We can craft bogus DTP frames in order to negotiate a trunk port mode from the switch. This trunking connection would allow us to inject traffic into whatever VLAN’s are allowed on the port. Worst case scenario, this will include ALL VLAN’s by default. The attacker can also gain access to VIEW any traffic traversing any VLAN’s the port can now view!!! 8
  • 9.
    Modes of SwitchPort ● Access -- Puts the LAN port into permanent non-trunking mode and negotiates to convert the link into a non-trunk link. The LAN port becomes a non-trunk port even if the neighboring LAN port does not agree to the change. (PC, Server, Printer, etc…) ● Trunk -- Puts the LAN port into permanent trunking mode and negotiates to convert the link into a trunk link. The LAN port becomes a trunk port even if the neighboring port does not agree to the change. (Switch to Switch) ● Dynamic Auto -- Makes the LAN port willing to convert the link to a trunk link. The LAN port becomes a trunk port if the neighboring LAN port is set to trunk or dynamic desirable mode. 9
  • 10.
    ● Dynamic Desirable(Default Mode) -- Makes the LAN port actively attempt to convert the link to a trunk link. The LAN port becomes a trunk port if the neighboring LAN port is set to trunk, dynamic desirable, or dynamic auto mode. ● Nonegotiate -- Puts the LAN port into permanent trunking mode but prevents the port from generating DTP frames. You must configure the neighboring port manually as a trunk port to establish a trunk link. 10
  • 11.
  • 12.
    Mitigation ● Disabling Trunking ●Prevent Switch Spoofing ● Ensure that ports are not set to negotiate trunks automatically by disabling DTP ● Prevent double tagging ● Simply do not put any hosts on VLAN 1 (The default VLAN) ● Change the native VLAN on all trunk ports to an unused VLAN ID 12

Editor's Notes

  • #7 In ISL, the original frame is encapsulated and an additional header is added before the frame is carried over a trunk link. At the receiving end, the header is removed and the frame is forwarded to the assigned VLAN.
  • #13 Switch spoofing is a type of VLAN hopping attack that takes advantage of an incorrectly configured trunk port. The native VLAN is the only VLAN which is not tagged in a trunk, in other words, native VLAN frames are transmitted unchanged.