Google Cloud Compute Engine packet mirroring

Packet mirroring duplicates packets on a virtual private cloud and forwards the copies.

It enables inspection of network traffic, which gives access to unencrypted network data.


compute.packetMirrorings.update

Can be used to modify which network components are mirrored and how they are filtered, leading either to increased network collection or to defeated security monitoring.

Risks

Scope: MEDIUM

This privilege may grant access to confidential data, or its exploitation can incur operational cost.

Links

  • https://cloud.google.com/vpc/docs/packet-mirroring
  • https://cloud.google.com/sdk/gcloud/reference/compute/packet-mirrorings
  • https://cloud.google.com/compute/docs/reference/rest/v1/packetMirrorings
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog