Host Logical Network Segregation Weakness

low Nessus Plugin ID 23971

Synopsis

The physical network is set up in a potentially insecure way.

Description

The remote host is on a different logical network than the Nessus scanner. However, it is on the same physical subnet.

An attacker connecting from the same network as your Nessus scanner could reconfigure his system to force it to belong to the subnet of the remote host.

This may allow an attacker to bypass network filtering between the two subnets.

Solution

Use VLANs to separate different logical networks.

Plugin Details

Severity: Low

ID: 23971

File Name: bad_vlan.nasl

Version: 1.17

Type: remote

Family: Firewalls

Published: 1/3/2007

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus