Virtual Local Area Network Hopping

Why Trust Techopedia

What Does Virtual Local Area Network Hopping Mean?

Virtual local area network hopping (VLAN hopping) is a computer security exploit method for attacking computer resources that are connected on a virtual LAN (VLAN). The concept of VLAN hopping is to gain access to other VLANs that are present on the same network to which the hacker already has access. The attacker must have access to at least a single VLAN on the network to use as a base of operations from which to attack other VLANs.

Advertisements

Techopedia Explains Virtual Local Area Network Hopping

Gaining access to VLANs is one of the most significant ways to compromise network security, which gives the attacker almost total control. VLANs use a process called trunking, where a VLAN’s switches are set so that they look for specific channels to send and receive data. Attackers use this process as a back door to infiltrate other VLANs in the network.

There are two methods of attack. The first exploits autotrunking, although this is not available or activated on all switches. The attacker makes the trunk switch constantly, providing access to all VLANs allowed on the trunk port and allowing the attacker to choose one. This is called switch spoofing.

The second method involves sending data frames with the 802.1Q tags to two switches – the attacking switch and victim switch. The victim switch is tricked into behaving as if the frame is intended for it and then sends it along to the other VLANs. When the attacker gains access to the VLAN, he is able to do almost anything – as if he were at the terminal – such as copying/deleting files, uploading viruses, installing other applications or even changing settings.

Advertisements

Related Terms

Margaret Rouse
Technology Specialist
Margaret Rouse
Technology Specialist

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.