CCNP 3 Minimizing Service Loss and Data Theft in a Campus Network

From Teknologisk videncenter
Revision as of 13:30, 15 September 2010 by Rael (talk | contribs) (New page: =Understanding Switch Security Issues= ==Describing Unauthorized Access by Rogue Devices== {| |800px|left|thumb|Rouge Access Points |} {|border=1 |MAC address F...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Understanding Switch Security Issues

Describing Unauthorized Access by Rogue Devices

Rouge Access Points
MAC address Flooding Port Security
VLAN Hooping Tighten up trunk configurations and the nogotiation state
Attacks between devices on a common VLAN Implement Private VLANS(PVLANs)
DHCP Spoofing USe DHCP Snooping
Spanning tree compromises Proactively configure the primary and backup root devices, Enable root guard
MAC Spoofing Use DHCP Snooping. Port security.
ARP Spoofing Use Dynamic ARP Inspection. DHCP Snooping, Port Security
CDP Manipulation Diable CDP on al ports where it is not intentionally used.
SSH & Telnet attacks Use SSHv2. Use Telnet with VTY ACLs
Retrieved from "http://mars.merhot.dk/w/index.php?title=CCNP_3_Minimizing_Service_Loss_and_Data_Theft_in_a_Campus_Network&oldid=14627"