Difference between revisions of "CCNA Explorer 3 Basic Switch Concepts and Configuration"
From Teknologisk videncenter
m |
m |
||
(10 intermediate revisions by 2 users not shown) | |||
Line 95: | Line 95: | ||
|[[Image:ScreenShot062.jpg|800px|left|thumb|Backup to TFTP server]] | |[[Image:ScreenShot062.jpg|800px|left|thumb|Backup to TFTP server]] | ||
|- | |- | ||
− | |[[Image: | + | |[[Image:ScreenShot063.jpg|800px|left|thumb|Erase nvram:]] |
|- | |- | ||
|[[CCNA_Explorer_4_Network_Security#Filsystemer_prefixer|Filsystem prefixer]] | |[[CCNA_Explorer_4_Network_Security#Filsystemer_prefixer|Filsystem prefixer]] | ||
+ | |- | ||
+ | |[[Image:ScreenShot064.jpg|800px|left|thumb|Configure console access]] | ||
+ | |- | ||
+ | |[[Image:ScreenShot065.jpg|800px|left|thumb|Configure VTY access]] | ||
+ | |- | ||
+ | |[[Image:ScreenShot066.jpg|800px|left|thumb|EXEC mode password]] | ||
+ | |- | ||
+ | |[[Image:ScreenShot1061.jpg|800px|left|thumb|Configure encypted passwords]] | ||
+ | |- | ||
+ | |[[Image:ScreenShot001.jpg|800px|left|thumb|Password recovery]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew001.jpg|800px|left|thumb|Banner login]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew002.jpg|800px|left|thumb|Banner motd]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew003.jpg|800px|left|thumb|Telnet & SSH]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew004.jpg|800px|left|thumb|Transport input telnet]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew005.jpg|800px|left|thumb|Transport input SSH]] | ||
|- | |- | ||
| | | | ||
− | + | Hvad med '''aaa new-model''' & '''username cisco password cisco''' | |
+ | ==Common Security Attacks== | ||
+ | ===MAC Address Flooding=== | ||
+ | {| | ||
+ | |[[Image:ScreenShotNew006.jpg|800px|left|thumb|MAC flooding attack step 1]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew007.jpg|800px|left|thumb|MAC flooding attack step 2]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew008.jpg|800px|left|thumb|MAC flooding attack step 3]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew009.jpg|800px|left|thumb|MAC flooding attack step 4]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew010.jpg|800px|left|thumb|MAC flooding attack step 5]] | ||
+ | |} | ||
+ | [http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_see/configuration/guide/swsdm.html SDM Templates] | ||
+ | |||
+ | ===DHCP Spoofing=== | ||
+ | {| | ||
+ | |[[Image:ScreenShotNew011.jpg|800px|left|thumb|DHCP Spoofing]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew012.jpg|800px|left|thumb|CDP Attack]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew013.jpg|800px|left|thumb|Telnet Attack]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew014.jpg|800px|left|thumb|Security Tools]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew015.jpg|800px|left|thumb|Switchport Security]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew016.jpg|800px|left|thumb|Switchport Security configuration]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew017.jpg|800px|left|thumb|Verify port security]] | ||
+ | |- | ||
+ | |[[Image:ScreenShotNew017.jpg|800px|left|thumb|Secure Unused Ports]] | ||
+ | |} | ||
+ | '''Security Violation Modes''' | ||
+ | *'''Protect''': When the number of secure MAC addresses reaches the limit allowed on the port, packets with unknown source addresses are dropped. | ||
+ | *'''Restrict''': When the number of secure MAC addresses reaches the limit allowed on the port, packets with unknown source addresses are dropped. A SNMP trap is sent, a syslog message is logged, and the violation counter increments. | ||
+ | *'''Shutdown'''(Default<ref>http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/port_sec.html#wp1038518</ref>): In this mode, a port security violation causes the interface to immediately become error-disabled and turns off the port LED. It also sends an SNMP trap, logs a syslog message. | ||
+ | =References= | ||
+ | <references/> |
Latest revision as of 10:00, 7 August 2013
| ||||||||||||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||||||||||||
ContentsNavigating Command-Line Interfaces Modes
|