Build Your Own Cybersecurity Testing Lab by Ric Messier
Author: Ric Messier
Language: eng
Format: epub
Publisher: McGraw-Hill Education
Published: 2020-01-15T00:00:00+00:00
Private VLANs
Once you are on the same physical network as a number of other systems, meaning in the same broadcast domain, you can communicate with those systems at layer 2. You may also be able to listen to the traffic of other systems on that broadcast domain. This may require a technique called spoofing, but it's not a difficult technique and there are multiple tools available for it. However, this may be something you don't want to happen. You may need devices in the same network segment, but you don't want them communicating directly with each other. This used to be common in the days when devices were all on the same network segment for management purposes, but the front-end networks, where all the user services resided, were on completely different networks.
There is a way to protect devices from each other even if they are on the same network segment. You can use something called a private VLAN to prevent devices from communicating with each other. A private VLAN works by essentially creating an access control list in the switch. The switch will only allow devices to communicate with a configured gateway. You could think of this as an uplink port. Without that uplink port, the device can't communicate with any other device on the network. Every other port on the VLAN is isolated, meaning it can't see any of its neighbors on the VLAN.
In practice, every system sees itself as being on a network all by itself with just the gateway device. You can see a representation of that in Figure 6-7. In reality, all the ports shown are in the same VLAN, but from their perspective, they are alone in the VLAN with the gateway device. This gateway doesn't have to be a router. It could also be a firewall or any other device that can carry traffic from one IP network to another IP network. The isolation is done at the switch, so any misconfiguration in the switch can lead to systems being able to communicate with other devices in the VLAN.
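The forwarding rule described above, modelled in Python as an added example that is not from the book: each port is either the gateway-facing uplink or isolated, and the audit reports what a misconfigured switch would allow. The port names and role tables are constructed for illustration.

```python
from itertools import combinations

# Simplified model of the private VLAN described above (an assumption of this
# example): every port is either the gateway-facing uplink or an isolated host.
UPLINK, ISOLATED = "uplink", "isolated"

def may_forward(src_role, dst_role):
    """Switch-side rule: a frame passes only if one end is the uplink port."""
    return UPLINK in (src_role, dst_role)

def audit(ports, gateway_port):
    """Compare configured roles with the intended design (one gateway port).

    Returns (leaks, cut_off): host pairs that can reach each other directly,
    and hosts that cannot reach the gateway at all.
    """
    hosts = sorted(p for p in ports if p != gateway_port)
    leaks = [(a, b) for a, b in combinations(hosts, 2)
             if may_forward(ports[a], ports[b])]
    cut_off = [h for h in hosts
               if not may_forward(ports[h], ports[gateway_port])]
    return leaks, cut_off

# Constructed port tables; the interface names are placeholders.
INTENDED = {"Gi0/1": UPLINK, "Gi0/2": ISOLATED, "Gi0/3": ISOLATED, "Gi0/4": ISOLATED}
# Misconfiguration 1: a host port was given the uplink role.
HOST_AS_UPLINK = dict(INTENDED, **{"Gi0/3": UPLINK})
# Misconfiguration 2: the gateway port was left isolated.
GATEWAY_ISOLATED = dict(INTENDED, **{"Gi0/1": ISOLATED})

if __name__ == "__main__":
    for name, table in [("intended", INTENDED),
                        ("host as uplink", HOST_AS_UPLINK),
                        ("gateway isolated", GATEWAY_ISOLATED)]:
        leaks, cut_off = audit(table, "Gi0/1")
        print(f"{name}: leaks={leaks} cut_off={cut_off}")
```

An empty `leaks` list with an empty `cut_off` list is the state the text describes: each host sees only the gateway.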
