[CentOS] VLAN issue

Tue Jan 27 23:25:11 UTC 2015
Gordon Messmer <gordon.messmer at gmail.com>

On 01/26/2015 06:00 PM, Boris Epstein wrote:
> What sort of security implications did you have in mind? Just curious.

I think the common uses of VLANs are to segregate traffic to reduce 
collisions, and to segment networks for security.  If you've added VLAN 
1 as the native VLAN, you might be exposing this host to attacks from 
that VLAN (assuming you gave it an address), or you might be exposing 
other hosts on the VLAN to attacks from that host if it's compromised. 
If your security policy is based on the policy of least privilege, then 
it's best not to provide a host with VLANs that it doesn't use/need.