What is a method to launch a VLAN hopping attack?
- introducing a rogue switch and enabling trunking
- flooding the switch with MAC addresses
- sending spoofed IP addresses from the attacking host
- sending spoofed native VLAN information
-
Answers Explanation & Hints: One method to launch a VLAN hopping attack is by introducing a rogue switch and enabling trunking.
In this type of attack, the attacker connects a rogue switch to the network and configures it to enable trunking. Trunking is a feature that allows multiple VLANs to be carried over a single physical link between switches. By enabling trunking, the attacker can send traffic for multiple VLANs across the network and potentially gain access to VLANs that they should not have access to.
The rogue switch can be configured to send frames with a VLAN ID that belongs to another VLAN, which can trick the switch into forwarding frames to the wrong VLAN. This is known as double tagging or double encapsulation. The attacker can then receive and potentially modify the frames that are sent to the wrong VLAN.
Flooding the switch with MAC addresses or sending spoofed IP addresses from the attacking host are not methods to launch a VLAN hopping attack. Sending spoofed native VLAN information could potentially be used in a VLAN hopping attack, but it is not a common method.