Overview
Explore VLAN hopping, ARP poisoning, and Man-in-the-Middle attacks in virtualized environments through this comprehensive conference talk from ANYCon 2017. Delve into the publication history of the research, key questions, and potential consequences. Examine various test scenarios and results using both old and new hardware specifications. Witness demonstrations of VLAN hopping attacks, including switch spoofing and double-tagging, across different network configurations. Gain insights into the Address Resolution Protocol (ARP) process, ARP spoofing results, and mitigation strategies. Conclude by comparing virtual and physical environments in terms of security vulnerabilities and countermeasures.
Syllabus
Intro
Publication History of this Research
Road Map
Key Question
Consequences
Test Scenarios & Results
Old Hardware Specs
New Hardware Specs
VLAN Hopping Attacks
Virtual LAN Tag
Switch Spoofing Demo (VMWare ESXi 6.0)
Switch Spoofing Results
Double-Tagging Demo (Two Physical Switches)
Double-Tagging Demo (Two Virtual Switches w/ a Cisco 2950 in the Middle)
Double-Tagging Demo (One Physical Switch)
Double Tagging Results
Address Resolution Protocol
ARP Process
ARP Spoofing Results
ARP Spoofing Mitigation
Conclusion: Virtual vs Physical?