[VOIPSEC] Actual Attacks
Russell Howe
rhowe at wiss.co.uk
Sun Feb 20 04:52:10 CST 2005
On Sat, Feb 19, 2005 at 09:46:56PM -0600, Christopher A. Martin wrote:
> Endpoints will have to become robust enough to not only support VLAN tagging
> but also association of specific applications to VLAN
Then what happens when a device which does VLAN tagging gets
compromised? Nothing to stop the malicious code from chatting on
whichever VLAN it wishes, surely?
If you move to making user devices VLAN aware, I don't see how you can
use VLANs as an effective security mechanism. They may well add an
element of obscurity, but security by obscurity isn't something to rely
on.
--
Russell Howe | Why be just another cog in the machine,
rhowe at siksai.co.uk | when you can be the spanner in the works?
More information about the Voipsec
mailing list