Host Logical Network Segregation Weakness

This script is Copyright (C) 2007-2011 Tenable Network Security, Inc.

Synopsis :

The physical network is set up in a potentially insecure way.

Description :

The remote host is on a different logical network than the
Nessus scanner. However, it is on the same physical subnet.

An attacker connecting from the same network as your Nessus
scanner could reconfigure his system to force it to belong
to the subnet of the remote host.

This may allow an attacker to bypass network filtering between
the two subnets.

Solution :

Use VLANs to separate different logical networks.

Risk factor :


Family: Firewalls

Nessus Plugin ID: 23971 (bad_vlan.nasl)

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now