Host Logical Network Segregation Weakness

This script is Copyright (C) 2007-2011 Tenable Network Security, Inc.

Synopsis :

The physical network is set up in a potentially insecure way.

Description :

The remote host is on a different logical network than the
Nessus scanner. However, it is on the same physical subnet.

An attacker connecting from the same network as your Nessus
scanner could reconfigure his system to force it to belong
to the subnet of the remote host.

This may allow an attacker to bypass network filtering between
the two subnets.

Solution :

Use VLANs to separate different logical networks.

Risk factor :


Family: Firewalls

Nessus Plugin ID: 23971 (bad_vlan.nasl)

Bugtraq ID:


Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial