[Tfug] WRT54G (et al.) hacking

Bexley Hall bexley401 at yahoo.com
Fri Jun 12 20:53:55 MST 2009


Hi, Eric,

> > And if I run a packet sniffer on any of the ports I won't see ANY
> > traffic not designated to be routed to that port??
> 
> Yes... the separate logical VLANs create their own, distinct broadcast
> domains. If you sniff on port 2 and it's on VLAN 10 and then sniff
> port 3 and it's on VLAN 11 they won't see each other's broadcast/ARP
> traffic. Don't confuse routing with layer 2 traffic - the ports that
> are assigned different VLANs won't only not see routed traffic, they
> won't see each other's Layer 2 traffic as well.

Just to make sure we're clear on this...

I can set up a host on ANOTHER port, set its NIC to promiscuous
mode (so I can see *every* packet that passes on the wire regardless
of the MAC address specified *in* that packet) and NEVER see a
packet not *intended* for the host(s) on that port (being sniffed)?

Think "security" not "this is how things SHOULD work if everyone
plays by the rules"...

> For example - port 2 is in VLAN 100, VLAN 100 is assigned the IP
> address range 192.168.100.0/24, and 192.168.100.1 is VLAN 100's
> default gateway (and port 2's default gateway because it's assigned to
> that VLAN)
> 
> Port 4 is assigned VLAN 200, the IP address range 192.168.200.0/24 and
> 192.168.200.1 is VLAN 200's default gateway (and port 4's default
> gateway)
> 
> The only thing I'm not entirely sure of is setting the default
> gateways on each VLAN in dd-wrt - can dd-wrt do layer 3 switching
> (that is, VLANs with default gateway and the switch does
> the routing?)

AFAICT, the switch just filters based on MAC addresses that it
"senses" in the (incoming) port.  I.e., if I set up a box with
a MAC cloned from a host on some *other* port, I can trick the
WRT's switch into routing packets to *me* instead of that
REAL host.

> I would imagine they can, because setting up a trunk port to a 'real'
> router (such as a Cisco 2811) doing 'router on a stick' from a WRT54G
> would just be silly...
> 
> I can play around with this tonight on the WRT54G I have at
> the house if you like

I need to think about a good way to reliably test this.  Maybe
I can borrow a network analyzer and play...

--don
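
Added example, not part of the original post and not dd-wrt or WRT54G code: a toy model of an 802.1Q-aware learning switch, showing how far a frame travels when the same source MAC shows up on another port, and the MAC-move record a defender can alert on. It assumes access ports only and a forwarding table keyed by (VLAN, MAC); the port numbers, VLAN IDs and MAC addresses are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Toy 802.1Q access-port switch; forwarding table keyed by (VLAN, MAC)."""

    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)  # port -> VLAN ID
        self.fdb = {}                     # (vlan, mac) -> port where mac was last seen
        self.moves = []                   # (vlan, mac, old_port, new_port) events

    def receive(self, in_port, src, dst):
        """Learn src on in_port and return the ports the frame is sent out of."""
        vlan = self.port_vlan[in_port]
        old = self.fdb.get((vlan, src))
        if old is not None and old != in_port:
            # Same MAC on a different port of the same VLAN: log it for detection.
            self.moves.append((vlan, src, old, in_port))
        self.fdb[(vlan, src)] = in_port
        members = sorted(p for p, v in self.port_vlan.items()
                         if v == vlan and p != in_port)
        out = None if dst == BROADCAST else self.fdb.get((vlan, dst))
        if out is None:
            return members                # broadcast / unknown unicast: flood in VLAN only
        return [] if out == in_port else [out]

def demo():
    # Constructed topology: ports 1-3 in VLAN 100, ports 4-5 in VLAN 200.
    sw = LearningSwitch({1: 100, 2: 100, 3: 100, 4: 200, 5: 200})
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"  # constructed MACs
    r = {}
    r["broadcast"] = sw.receive(1, a, BROADCAST)   # host A on port 1
    sw.receive(2, b, a)                            # host B on port 2
    sw.receive(4, a, BROADCAST)                    # A's MAC reused in VLAN 200
    r["other_vlan"] = sw.receive(2, b, a)
    r["moves_other_vlan"] = list(sw.moves)
    sw.receive(3, a, BROADCAST)                    # A's MAC reused in VLAN 100
    r["same_vlan"] = sw.receive(2, b, a)
    r["moves_same_vlan"] = list(sw.moves)
    return r

if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

In this model the table entry for VLAN 100 only changes when the duplicate MAC appears on a VLAN 100 port, and that change is exactly the move event recorded in `moves`.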


      



