- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- LAN Routing
- >
- HP Switch compromise damage potential
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-08-2020 01:05 PM
01-08-2020 01:05 PM
HP Switch compromise damage potential
We have several HP Procurve E2910al switches. One thing I was curious about is the potential for damage from a compromised switch. In the event that a black-hat hacker is able to access the config for the switch, what could they realistically do?
Of course if they sabotage the config then we would know immediately, given that it would no longer work correctly. My bigger concern is if it's possible for an attacker to create some kind of rule that would send data offsite, thus capturing potential sensitive information. Is this a realistic threat?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-08-2020 11:10 PM
01-08-2020 11:10 PM
Re: HP Switch compromise damage potential
Hi, first of all it's worth to say - from a broader security perspective - that the HP ProCurve 2910al Switch series went EoL many years ago...said so...totally depending on your internal network scenario a major worry would be not to send data off-site (or creating a sort of denial of service through a bad configuration) but gaining switch access to mirror local data to an illegal collector host on-site...so physical and logical access to switch should be a priority to be sure its correct running configuration is secured at best as you can from leakages and modifications.
Clearly the potential damage should be also referenced to the logical position (and to the active features) the switch you're referring to has on your network topology.
I'm not an HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2020 04:46 AM
01-09-2020 04:46 AM
Re: HP Switch compromise damage potential
I don't deny the importance of on-site security but when speaking specifically about offsite, are you saying that such an attack is unlikely/impossible? From what I understood in your post, a compromised switch would first have to send data to another device which illegally collects information before sending offsite.
Thank you
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2020 05:51 AM
01-09-2020 05:51 AM
Re: HP Switch compromise damage potential
I'm not an HPE Employee