I recently upgraded my home router to a Ubiquiti Dream Machine SE and I’m working on setting up an isolated VLAN for some public-facing web and game servers. So far I have some basic rules in place to disable inter-VLAN routing between the public VLAN and my private VLANs.
My public VLAN seems to be isolated enough, but I’d like to do some more in-depth penetration testing. Does anyone know of any tools or test suites that might help me verify that my public VLAN is truly isolated from my private VLANs? Maybe a test suite that would test configuration issues like VLAN hopping?
For simple network testing, putting a device on that network and running Nmap, scanning for your other networks, would be the easiest way. There are no currently known vulnerabilities that allow VLAN hopping in UniFi.
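
A scripted version of the check suggested in the answer above, added here as an example and not part of the original thread: run it from a device on the public VLAN to see whether any TCP traffic reaches the private subnets. The subnet and port list are constructed placeholders; substitute your own private VLAN ranges.

```python
import ipaddress
import socket

# Assumed values (not from the thread): replace with your private VLAN ranges.
PRIVATE_SUBNETS = ["192.168.10.0/28"]  # constructed example range
PORTS = [22, 80, 443, 445]             # common services worth checking

def probe(host, port, timeout=1.0):
    """Return 'open', 'refused' or 'filtered' for one TCP connect attempt."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        # Something answered. With a Drop rule between the VLANs nothing
        # should answer at all, so a refusal means the packet was routed
        # (or the firewall action is Reject rather than Drop).
        return "refused"
    except OSError:
        # Timeout or unreachable: consistent with the traffic being dropped.
        return "filtered"
    finally:
        s.close()

def scan(subnets, ports, timeout=1.0):
    """Probe every host address in each subnet on each port."""
    results = []
    for cidr in subnets:
        for ip in ipaddress.ip_network(cidr).hosts():
            for port in ports:
                results.append((str(ip), port, probe(str(ip), port, timeout)))
    return results

def leaks(results):
    """Keep only probes that got an answer from the other side."""
    return [r for r in results if r[2] in ("open", "refused")]

if __name__ == "__main__":
    found = leaks(scan(PRIVATE_SUBNETS, PORTS))
    for host, port, state in found:
        print(f"LEAK {host}:{port} {state}")
    print("no TCP answers from private subnets" if not found
          else f"{len(found)} probes got an answer")
```

This only exercises routed TCP traffic through the firewall rules; it does not test UDP, ICMP, or layer 2 behaviour such as VLAN hopping.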