comp.security.firewalls archive
Re: Big Hole on 3Com FastIP -- The Broken Vlan
Date: Fri Feb 24 2006 - 13:22:35 CET
Eirik Seim 写道:
> On 24 Feb 2006 00:06:08 -0800, Iron.Surf@gmail.com wrote:
> >
> >
> > Hi,
> > I found there is a big security problem on 3Com Switchs those support
> > FastIP.
>
> Did you try reporting the issue to 3Com?
yes. they will re-act it then reply to me.
>
> [snip]
>
> > 7, Now, These 2 pc can ping each other---pass through the diffrent
> > Vlans!
>
> There is no other device connected to the switch? No router, no
> third PC, no uplink to other switches/networks?
>
No any other device . they communacate directly---they know other's
arp. and i can see the packets between them.
> I've always said not to trust VLANs for security, but unless your
> switch does "layer 3 switching" this is just ridiculus.
this problem does not exist if 'fastip' was disabled.;)
>
>
> - Eirik
> --
> New and exciting signature!
any one can do the test on other switches which supports 'fastip'?
Received on Mon May 1 00:52:30 2006