
Virtual Switches May Expose Old L2/L3 Attacks

Last week, I was lucky enough to assist Richard Bejtlich with his Black Hat 2007 training course, "TCP/IP Weapons School" (sold out both sessions!). While in class going through layer 2 and layer 3 attacks from long ago (and here I define "long" as pre-2003), I couldn't help thinking how vulnerabilities have a sneaky way of going dormant and then creeping back up after everyone has forgotten about them.

Today, Hoff (whom I only met recently, in Richard's class) writes about VMware's Virtual Switches and the possibility of these "old" layer 2 and layer 3 attacks finding a new home betwixt virtual machines on the same physical host. Now that we've all gone to the trouble of using static MAC security settings on our shiny Cisco Catalyst switches, we have to worry about the not-so-shiny and very virtualized Vswitches??

A five-year-old "macof" attack could suddenly be relevant again. I can't wait until we come full circle and start using 8" diskettes and punch cards; I've got a box of them in the garage.

Copyright 2002-2007 • Special Ops Security, Inc. • All Rights Reserved.