By default, DTP auto negotiation is enabled on all layer 2 ports of Cisco switches, and those ports are placed in VLAN 1. These two defaults make it easy to deploy a switch, or attach another switch to gain more port density, without any configuration knowledge. While this is convenient, leaving data ports in VLAN 1 with DTP auto negotiation enabled has been widely accepted as standard practice, and in turn it leaves anyone with physical access to a port able to reach other VLANs and the devices in them.
In part 0 of this series we are going to go over the theory of why the use of DTP and VLAN 1 can allow an attacker to execute a VLAN hopping attack.
Dynamic Trunking Protocol (DTP) is a Cisco proprietary protocol used to allow for trunks to automatically…
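For contrast, the defaults described above next to the access-port configuration that removes them. This is an added illustration, not configuration from the original post; the interface name and VLAN numbers are assumptions.

```cisco
! Assumed port GigabitEthernet0/10 as shipped: dynamic auto + VLAN 1.
! A neighbor that sends DTP can negotiate this port into a trunk.
interface GigabitEthernet0/10
 switchport mode dynamic auto
 switchport access vlan 1
!
! Hardened user-facing port: no DTP, not in VLAN 1.
interface GigabitEthernet0/10
 switchport mode access        ! never becomes a trunk
 switchport nonegotiate        ! stop sending/answering DTP frames
 switchport access vlan 20     ! assumed user VLAN, not VLAN 1
!
! Intentional uplink: explicit trunk, DTP off, unused native VLAN,
! and only the VLANs that are actually needed.
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 switchport trunk native vlan 999   ! assumed unused VLAN
 switchport trunk allowed vlan 10,20,30
```

`show interfaces GigabitEthernet0/10 switchport` confirms the result: "Administrative Mode: static access" and "Negotiation of Trunking: Off" are what you want to see on a data port.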