Re: Security of traffic.

From: p729@xxxxxxx
Date: Wed Jun 05 2002 - 00:56:30 GMT-3

• Next message: kris.keen@xxxxxxxxxx: "Re: Cisco Systems announces the End of Sale and End of Life for the Catalyst ® 3900 and 3920 Token Ring switches"
• Previous message: elping: "Re: Cisco Systems announces the End of Sale and End of Life for the Catalyst® 3900 and 3920 Token Ring switches"
• Maybe in reply to: Casey, Paul (6822): "Security of traffic."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
For what it's worth, a colleague of mine asked a very similar question at a Net
workers security session a few years ago. The response was couched in a bit of
hand-wringing and was essentially "the VLAN tagging and differentiation schemes
 were not designed and implemented with strong security in mind." Caveat emptor
.

I've never personally looked into whether there have been any bugs related to l
eaky VLANs, but I would imagine--as with most complex systems--many security-re
lated issues are due to pilot error.

Of course, nothing beats an air-gap for security.

Regards,

Mas Kato
https://ecardfile.com/id/mkato
============================================================
From: "Casey, Paul (6822)" <Paul.Casey@o2.com>
Date: 2002/06/04 Tue PM 02:00:59 EDT
To: "'ccielab@groupstudy.com'" <ccielab@groupstudy.com>
Subject: Security of traffic.

Hello Group,

We have and 6509 routing with 2 MSFC modules all internet traffic for the
ISP through specific vlans
We have a separate network for our billing traffic for security, however the
billing traffic is being passed through a switching blade on the 6509 at a
layer 2 . ie it is just being switched.on a specific vlan for connectivity
purposes of more ports,

Is there a security risk here ?????.. leaky vlans. should I being using a
totally saparate switch for this connectivity, or is it secure enough just
passing it through the 6509 switching blade.

The billing traffic is not being routed, so the billing network does not
show up on the 6509 as opposed to the internet data traffic.

Any help appreciated.
Kind regards.
Paul.

*******************************************************************************
*********

This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify postmaster@O2.com or
                  telephone ++ 353 1 6095000.

*******************************************************************************
**********

• Next message: kris.keen@xxxxxxxxxx: "Re: Cisco Systems announces the End of Sale and End of Life for the Catalyst ® 3900 and 3920 Token Ring switches"
• Previous message: elping: "Re: Cisco Systems announces the End of Sale and End of Life for the Catalyst® 3900 and 3920 Token Ring switches"
• Maybe in reply to: Casey, Paul (6822): "Security of traffic."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:24 GMT-3