How often does double tagging work? A while ago, I tried to send a VLAN frame through a switch that already had VLANs enabled and it didn't go through. The only place I've seen double tagging is with telecom equipment designed to connect a customer to a fibre. The carrier would use the outer tag to isolate customers on the fibre, leaving the inner tag for the customer to use. Your precautions, I would call normal configuration, that is make access ports access ports only and enable VLANs only where needed, such as VoIP phones that also connect a computer or WiFi access points that have multiple SSIDs.
Absolutely, I agree! I would call it normal configuration as well. There's a reason why it's normal configurations :) The only times I've seen or heard of double tagging has been when someone is testing it out. I have not seen an actual attacker use this method before. Perhaps that's because if you use best practices, you don't open yourself up for this type of attack.
You are awesome. Thank you for this informative explanation
Thank you for such kind words!!! You are welcome, glad your enjoying my videos :)
How often does double tagging work? A while ago, I tried to send a VLAN frame through a switch that already had VLANs enabled and it didn't go through. The only place I've seen double tagging is with telecom equipment designed to connect a customer to a fibre. The carrier would use the outer tag to isolate customers on the fibre, leaving the inner tag for the customer to use.
Your precautions, I would call normal configuration, that is make access ports access ports only and enable VLANs only where needed, such as VoIP phones that also connect a computer or WiFi access points that have multiple SSIDs.
Absolutely, I agree! I would call it normal configuration as well. There's a reason why it's normal configurations :)
The only times I've seen or heard of double tagging has been when someone is testing it out. I have not seen an actual attacker use this method before. Perhaps that's because if you use best practices, you don't open yourself up for this type of attack.