Posted on

Download E-books LAN Switch Security: What Hackers Know About Your Switches PDF

By Eric Vyncke

LAN swap safety: What Hackers find out about Your Switches

A functional consultant to hardening Layer 2 units and preventing campus community attacks

Eric Vyncke

Christopher Paggen, CCIE® No. 2659

Contrary to well known trust, Ethernet switches usually are not inherently safe. safety vulnerabilities in Ethernet switches are a number of: from the swap implementation, to regulate aircraft protocols (Spanning Tree Protocol [STP], Cisco® Discovery Protocol [CDP], and so forth) and information airplane protocols, akin to handle Routing Protocol (ARP) or Dynamic Host Configuration Protocol (DHCP). LAN swap protection explains all of the vulnerabilities in a community infrastructure regarding Ethernet switches. extra, this ebook exhibits you the way to configure a change to avoid or to mitigate assaults in response to these vulnerabilities. This ebook additionally features a part on the way to use an Ethernet swap to extend the safety of a community and forestall destiny attacks.

Divided into 4 elements, LAN change protection offers you steps you could take to make sure the integrity of either voice and knowledge site visitors touring over Layer 2 units. half I covers vulnerabilities in Layer 2 protocols and the way to configure switches to avoid assaults opposed to these vulnerabilities. half II addresses denial-of-service (DoS) assaults on an Ethernet swap and indicates how these assaults could be mitigated. half III exhibits how a swap can really increase the protection of a community during the usage of wirespeed entry keep an eye on checklist (ACL) processing and IEEE 802.1x for person authentication and authorization. half IV examines destiny advancements from the LinkSec operating crew on the IEEE. For all elements, lots of the content material is seller self sufficient and comes in handy for all community architects deploying Ethernet switches.

After analyzing this publication, you've got an in-depth knowing of LAN safety and be ready to plug the protection holes that exist in a good number of campus networks.

Eric Vyncke has a master’s measure in desktop technological know-how engineering from the collage of Liège in Belgium. considering that 1997, Eric has labored as a uncommon Consulting Engineer for Cisco, the place he's a technical advisor for safety masking Europe. His specialty for twenty years has been almost always defense from Layer 2 to purposes. he's additionally visitor professor at Belgian universities for protection seminars.

Christopher Paggen, CCIE® No. 2659, acquired a level in desktop technological know-how from IESSL in Liège (Belgium) and a master’s measure in economics from collage of Mons-Hainaut (UMH) in Belgium. He has been with Cisco due to the fact that 1996 the place he has held a variety of positions within the fields of LAN switching and defense, both as pre-sales help, post-sales aid, community layout engineer, or technical consultant to varied engineering groups. Christopher is a widespread speaker at occasions, reminiscent of Networkers, and has filed numerous U.S. patents within the defense area.

Contributing Authors:

Jason Frazier is a technical chief within the expertise structures Engineering staff for Cisco.

Steinthor Bjarnason is a consulting engineer for Cisco.

Ken Hook is a swap defense answer supervisor for Cisco.

Rajesh Bhandari is a technical chief and a community safeguard recommendations architect for Cisco.

  • Use port defense to guard opposed to CAM attacks

  • Prevent spanning-tree assaults

  • Isolate VLANs with right configuration techniques

  • Protect opposed to rogue DHCP servers

  • Block ARP snooping

  • Prevent IPv6 neighbor discovery and router solicitation exploitation

  • Identify strength over Ethernet vulnerabilities

  • Mitigate dangers from HSRP and VRPP

  • Stop info leaks with CDP, PaGP, VTP, CGMP and different Cisco ancillary protocols

  • Understand and stop DoS assaults opposed to switches

  • Enforce uncomplicated wirespeed safety regulations with ACLs

  • Implement person authentication on a port base with IEEE 802.1x

  • Use new IEEE protocols to encrypt all Ethernet frames at wirespeed.

This protection publication is a part of the Cisco Press® Networking expertise sequence. protection titles from Cisco Press support networking pros safe serious info and assets, hinder and mitigate community assaults, and construct end-to-end self-defending networks.

Category: Cisco Press–Security

Covers: Ethernet swap Security


Show description

Read or Download LAN Switch Security: What Hackers Know About Your Switches PDF

Best Comptia books

Low Voltage Wiring: Security/Fire Alarm Systems

Best-of-the-best directions for dealing with low voltage wiring The A-Z reference on designing, fitting, preserving, and troubleshooting smooth defense and fireplace alarm platforms is now absolutely up to date in a brand new version. ready via Terry Kennedy and John E. Traister, authors with over 3 a long time of hands-on event apiece within the building undefined, Low Voltage Wiring: Security/Fire Alarm platforms, 3rd variation offers the entire acceptable wiring facts you must paintings on safeguard and hearth alarm structures in residential, advertisement, and business constructions.

Hacking Exposed: Network Security Secrets & Solutions, Third Edition (Hacking Exposed)

Research in-depth perception into how hackers infiltrate e-business and the way they are often stopped. The booklet comprises up to date hacks and countermeasures, together with the newest denial of provider assaults, electronic mail assaults, viruses, and internet hacks. there's additionally assurance of home windows XP Server. The CD includes customized scripts created, seller instruments, a default password database, and an digital define of the booklet with stay hyperlinks to all the instruments which are referenced within the ebook.

Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation

"The booklet is of large final result and capability worth. The Java 2 Platform safety represents an strengthen of significant proportions, and the data during this e-book is captured nowhere else. " --Peter G. Neumann, valuable Scientist, SRI foreign desktop technological know-how Lab, writer of Computer-Related hazards, and Moderator of the hazards discussion board "Profound!

Ajax Security

The Hands-On, useful advisor to combating Ajax-Related protection Vulnerabilities   an increasing number of sites are being rewritten as Ajax purposes; even conventional computing device software program is swiftly relocating to the internet through Ajax. yet, all too frequently, this transition is being made with reckless put out of your mind for defense.

Additional resources for LAN Switch Security: What Hackers Know About Your Switches

Show sample text content

Rated 4.68 of 5 – based on 31 votes