SlideShare uma empresa Scribd logo

Introduction to layer 2 attacks & mitigation

Rishabh Dangwal
Rishabh Dangwal

An Introduction to layer 2 attacks & mitigation

Tecnologia
1 de 34
An Introduction to Layer 2 Attacks & Mitigation Rishabh Dangwal www.TheProhack.com | Twitter @prohack
Agenda  Layer 2 Security - The What, Why and What Now ?  Switching Basics  Quick Knowledge Check  The Attacks & their mitigation.  ARP based  Cisco Specific  STP & VLAN Attacks  Switch Configuration Review – What to look  Question Answer session.
Layer 2 Security The What, Why and What Now ?  OSI is a layered model and if one layer gets hacked, all layers are compromised.  Layer 2 Attacks are still very much relevant today.  Poorly configured Network environments.  Information gap between Network and Security Personnel (refer next slide).  Different architectures , same protocols; henceforth same weaknesses.  Security is only as strong as your weakest link.
Switching Basics  What is a Switch exactly ?  How does it function ?  VLAN basics.  Tagged and Untagged ports (also called as edge/access and Trunk ports).  Spanning Tree Basics.  Layer 3 Switching ?  More Layer 2 Switching Vendor specific technologies.
Quick Knowledge Check Kind questions to ask to your Network & Security Admins 1. How do they handle Network Security issues? 2. Is their network segmented by VLANs ? 3. Are their networked VLANs secure by design ? 4. What is the process of IP Segment allocation ? 5. Is there a formal Change Process in place ?
Flooding & Spoofing Attacks Attacks which utilize either flooding or resource starvation  ARP Poisoning  DHCP Starvation  CAM Table overflow
ARP Attacks  ARP Poisoning : can be easily carried out.  Stateless protocol.  NO inbuilt authentication  Limited to local network segments.  Can be escalated/exploited to MITM , SSH Interception , DOS, session hijacking attacks.  Tools of Trade : Ettercap, Cain & Abel , Dsniff
DHCP Starvation  DHCP Scope exhaustion by installing a rogue DHCP server.  Spoofed MAC requests broadcast/flood network.  Resource starvation occurs which may make a rogue server more effective.  Tools of Trade : Yersinia
CAM Table Overflow  Content Addressable Memory (CAM) is used in highly efficient search based environments.  Cisco switches use CAM to make MAC & interface mapping tables.  One can flood MAC in network which can fill CAM & thereby make a switch act like a hub.  Tools of Trade : Dsniff, Ettercap, Cain & Abel and more..
Flooding & Spoofing Attacks − Mitigation  Ensure Port Security is enabled (static ARP entries)  Enable Port Security  Enable DHCP Snooping.  Question Network admin on requirement of PARP / GARP if present in configuration.  Dynamic Arp Inspection .
Cisco Specific Attacks  CDP attacks − Applicable to Cisco IOS based devices.  VTP attacks − Applicable to Cisco Switches.  DTP Attack − Applicable to Cisco IOS based devices.  HSRP Abuse − Applicable to Cisco IOS based devices.
Cisco − CDP Attacks  Cisco Discovery Protocol (CDP) allows Cisco Devices to communicate with each other.  CDP communicates is unencrypted , unauthenticated & carries a ton of information.  CDP can be exploited to   CDP DOS (Even WLCs are vulnerable)  Overflow / Pollution / Corruption of CDP Cache  Raking up power bills (POE abuse)  Tools to Use : Yersinia
CDP Attacks − Mitigation  Turn CDP Off.  Check with Network guys for any specific requirement of CDP (VOIP phones/Tshoot).  All unused ports shall be shut by default.  BONUS : Different vendors have similar protocols −  Juniper / Huawei LLDP (LLDP Attack Framework)  Brocade FDP  Maipu MDSP
Cisco − VTP Attack  Virtual Trunking Protocol (VTP) is used by Cisco to propagate VLAN information.  VTP uses a versioning system with a client server architecture.  Clients sync their configuration with Server to maintain current VLAN database revision.  Attack involves DOS by sending VTP messages in the network.  Tools of Trade : Yersinia
VTP Attack − Mitigation  Check with admin if VTP is required, if NO, recommend them to configure switches in transparent mode.  If Yes, check if following parameters are configured correctly   VTP password should be there and shall be md5 encrypted (Service Password Encryption)  Non participating switches should be configured in transparent mode.  VTP pruning should be enabled.  All unused ports shall be shut by default.
DTP Attack  Dynamic Trunking Protocol (DTP) negotiates port states between 2 devices.  By default an interface is negotiated to become a Trunk (Tagged) port, hence its name.  One can send RAW DTP packets on Access interface & can make it trunk.  Trunk interface can then be used to escalate/exploit STP/VTP/VLAN based attacks.  Tools of Trade : Yersinia
DTP Attack − Mitigation  Turn of DTP by enabling no more auto-negotiation.  Refer below configuration for access (untagged) port, settings are hardcoded , nothing is auto.  All unused ports shall be shut by default.
HSRP Abuse  Hot Standby Router Protocol (HSRP) is used for achieving HA between Cisco devices.  Functions in Active/Passive mode, UDP 1985.  Uses multicast, by default password configured in plain text.  Attacker can send raw HSRP packet.  Compromise and become Active device with real or spoofed IP.  Tool to use : Yersinia
HSRP Abuse − Mitigation  Use MD5 authentication.  Hardcode everything.
Spanning Tree Attacks  Invented by Dr Radia Perlman, Spanning Tree Protocol (STP) is used for providing a loop free topology for a LAN or bridged network.  An attacker can disrupt STP topology by  Masquerading as a rogue switch.  Introducing a real switch in network.  Spoofing Root Switch  Sending malicious BPDU’s  Claiming roles in topology  Tools of Trade : Yersinia
Spanning Tree Attacks − Mitigation  Enable Root Guard on Cisco Switches, Root Protection on Juniper Switches.  Enable BPDU Guard on Cisco Switches, BPDU Protection on Juniper Switches.  All unused ports shall be shut by default.
Multicast Brute force  Switch receives a number of multicast frames in rapid succession.  Frames to leak into other VLAN instead of containing it on original VLAN.  May lead to DOS.  Rare nowadays.
Multicast Brute Force Attack − Mitigation  Buy switches with better queues/buffer and memory support.  Upgrade your supervisors (4500X and above , Cisco Only).
VLAN Based Attacks • VLAN Hopping − 802.1Q abuse. • PVLAN − Bypassing Layer 2 segregation logic.
VLAN Hopping  VLAN Hopping refers to emulation of a network switch & send frames (802.1Q/ISL).  An attacker can also send double tagged frames on trunk / access interface.  First frame will be stripped by switch and it will forward the frame to outgoing interface.  Since the frame is having one more tag, it will be forwarded as it is to next unintended VLAN.  Tools of Trade : Scapy, Ostinato
VLAN Hopping Attack − Mitigation  Disable DTP  Hardcode everything.  Unused ports shall be configured as access (untagged) ports.  Native VLAN segregation.  Management VLAN segregation.  Don’t use VLAN 1 for *anything*.
PVLAN Attacks  Community ports can communicate between themselves & promiscuous ports.  This logic can be bypassed using a proxy server or a Layer 3 Device on a promiscuous port.  L3 device will overwrite destination mac on frame & then sends frame back.  Unidirectional attack can be leveraged to a bidirectional attack by compromising hosts.  Tools of Trade : Scapy / Ostinato
PVLAN Attacks – Mitigation  Configure ACL on Layer 3 device.
Bonus : SNMP Snarfing  Simple Network Management Protocol (SNMP) is used to monitor and manage devices.  Vendor agonistic , has 3 versions, version 1.0 & version 2.0 most commonly used.  Plain text authentication.  Community strings can be bruteforced , fuzzed & hacked.  Wreak havoc using read write community.  Tools of Trade : Ettercap, dsniff.
SNMP Snarfing – Mitigation  Use SNMPv3 *only*, don’t use it in backwards compatible mode.  Don’t use community strings with write access.  Be SNMP Aware, don’t let it become “Security is Not My Problem”.
Switch Configuration Review  What to look in a sample Switch configuration dump.  Best Practices.  Looking at the big picture.
Conclusion  Ensure Switches are managed in a secured manner.  Hardcode everything.  Ensure there is a Change Management process for any Network and Security Changes.  Disable protocols which are not in use (CDP/VTP).  All unused ports should be shut by default.  Use Port-Security.  Use Root Guard/BPDU guard.  Be careful about SNMP community strings.
Questions? Reach me out at admin@theprohack.com
Thank You!

Recomendados

Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2samis
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LANLilesh Pathe
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacksdkaya
 
Benefits of vlan
Benefits of vlanBenefits of vlan
Benefits of vlanLogitrain
 
ASA Failover
ASA FailoverASA Failover
ASA FailoverNetProtocol Xpert
 
Common Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationCommon Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationNetProtocol Xpert
 
I P S P O O F I N G
I P S P O O F I N GI P S P O O F I N G
I P S P O O F I N Gavinashkanchan
 

Recomendados

Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2samis
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LANLilesh Pathe
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacksdkaya
 
Benefits of vlan
Benefits of vlanBenefits of vlan
Benefits of vlanLogitrain
 
ASA Failover
ASA FailoverASA Failover
ASA FailoverNetProtocol Xpert
 
Common Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationCommon Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationNetProtocol Xpert
 
I P S P O O F I N G
I P S P O O F I N GI P S P O O F I N G
I P S P O O F I N Gavinashkanchan
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LANDarshan Dalwadi
 
Aruba instant 6.4.0.2 4.1 user guide
Aruba instant 6.4.0.2 4.1 user guideAruba instant 6.4.0.2 4.1 user guide
Aruba instant 6.4.0.2 4.1 user guideAruba, a Hewlett Packard Enterprise company
 
Tcp header/IP Header/Authentication header
Tcp header/IP Header/Authentication headerTcp header/IP Header/Authentication header
Tcp header/IP Header/Authentication headerFaizan Shaikh
 
Useful cli commands v1
Useful cli commands v1Useful cli commands v1
Useful cli commands v1Aruba, a Hewlett Packard Enterprise company
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionAPNIC
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerAruba, a Hewlett Packard Enterprise company
 
Netflow slides
Netflow slidesNetflow slides
Netflow slidesJose Manuel Vega Monroy
 
Firewall
FirewallFirewall
FirewallApo
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffersKunal Thakur
 
Wireless Penetration Testing
Wireless Penetration TestingWireless Penetration Testing
Wireless Penetration TestingMohammed Adam
 
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingEMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingAruba, a Hewlett Packard Enterprise company
 
Roaming behavior and Client Troubleshooting
Roaming behavior and Client TroubleshootingRoaming behavior and Client Troubleshooting
Roaming behavior and Client TroubleshootingAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xEMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xAruba, a Hewlett Packard Enterprise company
 
Wi fi protected access
Wi fi protected accessWi fi protected access
Wi fi protected accessLopamudra Das
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network SecurityInformation Technology
 
Rap split tunnelv2
Rap split tunnelv2Rap split tunnelv2
Rap split tunnelv2Aruba, a Hewlett Packard Enterprise company
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 
Switch security
Switch securitySwitch security
Switch securitynullowaspmumbai
 
STP (spanning tree protocol)
STP (spanning tree protocol)STP (spanning tree protocol)
STP (spanning tree protocol)Netwax Lab
 
Lecture 5 - Agent communication
Lecture 5 - Agent communicationLecture 5 - Agent communication
Lecture 5 - Agent communicationAntonio Moreno
 

Mais conteúdo relacionado

Mais procurados

Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Tcp header/IP Header/Authentication header
Tcp header/IP Header/Authentication headerTcp header/IP Header/Authentication header
Tcp header/IP Header/Authentication headerFaizan Shaikh
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionAPNIC
 
Firewall
FirewallFirewall
FirewallApo
 
Wireless Penetration Testing
Wireless Penetration TestingWireless Penetration Testing
Wireless Penetration TestingMohammed Adam
 
Wi fi protected access
Wi fi protected accessWi fi protected access
Wi fi protected accessLopamudra Das
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 

Mais procurados (20)

Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LAN
 
Aruba instant 6.4.0.2 4.1 user guide
Aruba instant 6.4.0.2 4.1 user guideAruba instant 6.4.0.2 4.1 user guide
Aruba instant 6.4.0.2 4.1 user guide
 
Tcp header/IP Header/Authentication header
Tcp header/IP Header/Authentication headerTcp header/IP Header/Authentication header
Tcp header/IP Header/Authentication header
 
Useful cli commands v1
Useful cli commands v1Useful cli commands v1
Useful cli commands v1
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack Prevention
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster Manager
 
Netflow slides
Netflow slidesNetflow slides
Netflow slides
 
Firewall
FirewallFirewall
Firewall
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
 
Wireless Penetration Testing
Wireless Penetration TestingWireless Penetration Testing
Wireless Penetration Testing
 
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingEMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
 
Roaming behavior and Client Troubleshooting
Roaming behavior and Client TroubleshootingRoaming behavior and Client Troubleshooting
Roaming behavior and Client Troubleshooting
 
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xEMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
 
Wi fi protected access
Wi fi protected accessWi fi protected access
Wi fi protected access
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
 
Rap split tunnelv2
Rap split tunnelv2Rap split tunnelv2
Rap split tunnelv2
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and Protection
 
Switch security
Switch securitySwitch security
Switch security
 

Destaque

STP (spanning tree protocol)
STP (spanning tree protocol)STP (spanning tree protocol)
STP (spanning tree protocol)Netwax Lab
 
Lecture 5 - Agent communication
Lecture 5 - Agent communicationLecture 5 - Agent communication
Lecture 5 - Agent communicationAntonio Moreno
 
Spanning Tree Protocol
Spanning Tree ProtocolSpanning Tree Protocol
Spanning Tree ProtocolManoj Gharate
 
Overview of Spanning Tree Protocol
Overview of Spanning Tree ProtocolOverview of Spanning Tree Protocol
Overview of Spanning Tree ProtocolArash Foroughi
 
difference between hub, bridge, switch and router
difference between hub, bridge, switch and routerdifference between hub, bridge, switch and router
difference between hub, bridge, switch and routerAkmal Cikmat
 
Computer networking devices
Computer networking devicesComputer networking devices
Computer networking devicesRajesh Sadhukha
 

Destaque (6)

STP (spanning tree protocol)
STP (spanning tree protocol)STP (spanning tree protocol)
STP (spanning tree protocol)
 
Lecture 5 - Agent communication
Lecture 5 - Agent communicationLecture 5 - Agent communication
Lecture 5 - Agent communication
 
Spanning Tree Protocol
Spanning Tree ProtocolSpanning Tree Protocol
Spanning Tree Protocol
 
Overview of Spanning Tree Protocol
Overview of Spanning Tree ProtocolOverview of Spanning Tree Protocol
Overview of Spanning Tree Protocol
 
difference between hub, bridge, switch and router
difference between hub, bridge, switch and routerdifference between hub, bridge, switch and router
difference between hub, bridge, switch and router
 
Computer networking devices
Computer networking devicesComputer networking devices
Computer networking devices
 

Semelhante a Introduction to layer 2 attacks & mitigation

The Complete Questionnaires About Firewall
The Complete Questionnaires About FirewallThe Complete Questionnaires About Firewall
The Complete Questionnaires About FirewallVishal Kumar
 
Giai phap bao mat - so sanh switch bao mat cua HDN va switch cua Cisco
Giai phap bao mat - so sanh switch bao mat cua HDN va switch cua CiscoGiai phap bao mat - so sanh switch bao mat cua HDN va switch cua Cisco
Giai phap bao mat - so sanh switch bao mat cua HDN va switch cua CiscoTran Thanh Song
 
Cisco Switch Security
Cisco Switch SecurityCisco Switch Security
Cisco Switch Securitydkaya
 
ASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersNetProtocol Xpert
 
ccna presentation 2013
ccna presentation 2013ccna presentation 2013
ccna presentation 2013RoHit VashIsht
 
Examen final ccna2
Examen final ccna2Examen final ccna2
Examen final ccna2Juli Yaret
 
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...Yury Chemerkin
 
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...PROIDEA
 
CCNP Switching Chapter 1
CCNP Switching Chapter 1CCNP Switching Chapter 1
CCNP Switching Chapter 1Chaing Ravuth
 
Tech 101: Understanding Firewalls
Tech 101: Understanding FirewallsTech 101: Understanding Firewalls
Tech 101: Understanding FirewallsLikan Patra
 
Basic ccna interview questions and answers ~ sysnet notes
Basic ccna interview questions and answers ~ sysnet notesBasic ccna interview questions and answers ~ sysnet notes
Basic ccna interview questions and answers ~ sysnet notesVamsi Krishna Kalavala
 
Zaccone Carmelo - IPv6 and security from a user’s point of view
Zaccone Carmelo - IPv6 and security from a user’s point of view Zaccone Carmelo - IPv6 and security from a user’s point of view
Zaccone Carmelo - IPv6 and security from a user’s point of view IPv6 Conference
 

Semelhante a Introduction to layer 2 attacks & mitigation (20)

Hacking L2 Switches
Hacking L2 SwitchesHacking L2 Switches
Hacking L2 Switches
 
The Complete Questionnaires About Firewall
The Complete Questionnaires About FirewallThe Complete Questionnaires About Firewall
The Complete Questionnaires About Firewall
 
Network & security startup
Network & security startupNetwork & security startup
Network & security startup
 
L2 Attacks.pdf
L2 Attacks.pdfL2 Attacks.pdf
L2 Attacks.pdf
 
Giai phap bao mat - so sanh switch bao mat cua HDN va switch cua Cisco
Giai phap bao mat - so sanh switch bao mat cua HDN va switch cua CiscoGiai phap bao mat - so sanh switch bao mat cua HDN va switch cua Cisco
Giai phap bao mat - so sanh switch bao mat cua HDN va switch cua Cisco
 
Cisco Switch Security
Cisco Switch SecurityCisco Switch Security
Cisco Switch Security
 
ASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & Answers
 
Lec21 22
Lec21 22Lec21 22
Lec21 22
 
ccna presentation 2013
ccna presentation 2013ccna presentation 2013
ccna presentation 2013
 
Examen final ccna2
Examen final ccna2Examen final ccna2
Examen final ccna2
 
CCNA 1
CCNA 1CCNA 1
CCNA 1
 
CCNA 2
CCNA 2 CCNA 2
CCNA 2
 
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
Gaweł mikołajczyk. holistic identity based networking approach – an irreducib...
 
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
PLNOG 17 - Krzysztof Wilczyński - EVPN – zwycięzca w wyścigu standardów budow...
 
Switching
SwitchingSwitching
Switching
 
Ccna 9
Ccna 9Ccna 9
Ccna 9
 
CCNP Switching Chapter 1
CCNP Switching Chapter 1CCNP Switching Chapter 1
CCNP Switching Chapter 1
 
Tech 101: Understanding Firewalls
Tech 101: Understanding FirewallsTech 101: Understanding Firewalls
Tech 101: Understanding Firewalls
 
Basic ccna interview questions and answers ~ sysnet notes
Basic ccna interview questions and answers ~ sysnet notesBasic ccna interview questions and answers ~ sysnet notes
Basic ccna interview questions and answers ~ sysnet notes
 
Zaccone Carmelo - IPv6 and security from a user’s point of view
Zaccone Carmelo - IPv6 and security from a user’s point of view Zaccone Carmelo - IPv6 and security from a user’s point of view
Zaccone Carmelo - IPv6 and security from a user’s point of view
 

Mais de Rishabh Dangwal

Cliffnotes on Blue Teaming
Cliffnotes on Blue TeamingCliffnotes on Blue Teaming
Cliffnotes on Blue TeamingRishabh Dangwal
 
An introduction to SwiftNET
An introduction to SwiftNETAn introduction to SwiftNET
An introduction to SwiftNETRishabh Dangwal
 
Network nags - when security fails
Network nags - when security failsNetwork nags - when security fails
Network nags - when security failsRishabh Dangwal
 
Introduction to Wan Acceleration Devices
Introduction to Wan Acceleration DevicesIntroduction to Wan Acceleration Devices
Introduction to Wan Acceleration DevicesRishabh Dangwal
 
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.comEigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.comRishabh Dangwal
 
Understanding DDOS Mitigation by Rishabh Dangwal - www.theprohack.com
Understanding DDOS Mitigation by Rishabh Dangwal - www.theprohack.comUnderstanding DDOS Mitigation by Rishabh Dangwal - www.theprohack.com
Understanding DDOS Mitigation by Rishabh Dangwal - www.theprohack.comRishabh Dangwal
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Rishabh Dangwal
 
An introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh DangwalAn introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh DangwalRishabh Dangwal
 
A guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh DangwalA guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh DangwalRishabh Dangwal
 

Mais de Rishabh Dangwal (9)

Cliffnotes on Blue Teaming
Cliffnotes on Blue TeamingCliffnotes on Blue Teaming
Cliffnotes on Blue Teaming
 
An introduction to SwiftNET
An introduction to SwiftNETAn introduction to SwiftNET
An introduction to SwiftNET
 
Network nags - when security fails
Network nags - when security failsNetwork nags - when security fails
Network nags - when security fails
 
Introduction to Wan Acceleration Devices
Introduction to Wan Acceleration DevicesIntroduction to Wan Acceleration Devices
Introduction to Wan Acceleration Devices
 
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.comEigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
 
Understanding DDOS Mitigation by Rishabh Dangwal - www.theprohack.com
Understanding DDOS Mitigation by Rishabh Dangwal - www.theprohack.comUnderstanding DDOS Mitigation by Rishabh Dangwal - www.theprohack.com
Understanding DDOS Mitigation by Rishabh Dangwal - www.theprohack.com
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...
 
An introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh DangwalAn introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh Dangwal
 
A guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh DangwalA guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
 

Último

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Visualising and forecasting stocks using Dash
Visualising and forecasting stocks using DashVisualising and forecasting stocks using Dash
Visualising and forecasting stocks using Dashnarutouzumaki53779
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 

Último (20)

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Visualising and forecasting stocks using Dash
Visualising and forecasting stocks using DashVisualising and forecasting stocks using Dash
Visualising and forecasting stocks using Dash
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 

Introduction to layer 2 attacks & mitigation

  • 1. An Introduction to Layer 2 Attacks & Mitigation Rishabh Dangwal www.TheProhack.com | Twitter @prohack
  • 2. Agenda  Layer 2 Security - The What, Why and What Now ?  Switching Basics  Quick Knowledge Check  The Attacks & their mitigation.  ARP based  Cisco Specific  STP & VLAN Attacks  Switch Configuration Review – What to look  Question Answer session.
  • 3. Layer 2 Security The What, Why and What Now ?  OSI is a layered model and if one layer gets hacked, all layers are compromised.  Layer 2 Attacks are still very much relevant today.  Poorly configured Network environments.  Information gap between Network and Security Personnel (refer next slide).  Different architectures , same protocols; henceforth same weaknesses.  Security is only as strong as your weakest link.
  • 4. Switching Basics  What is a Switch exactly ?  How does it function ?  VLAN basics.  Tagged and Untagged ports (also called as edge/access and Trunk ports).  Spanning Tree Basics.  Layer 3 Switching ?  More Layer 2 Switching Vendor specific technologies.
  • 5. Quick Knowledge Check Kind questions to ask to your Network & Security Admins 1. How do they handle Network Security issues? 2. Is their network segmented by VLANs ? 3. Are their networked VLANs secure by design ? 4. What is the process of IP Segment allocation ? 5. Is there a formal Change Process in place ?
  • 6. Flooding & Spoofing Attacks Attacks which utilize either flooding or resource starvation  ARP Poisoning  DHCP Starvation  CAM Table overflow
  • 7. ARP Attacks  ARP Poisoning : can be easily carried out.  Stateless protocol.  NO inbuilt authentication  Limited to local network segments.  Can be escalated/exploited to MITM , SSH Interception , DOS, session hijacking attacks.  Tools of Trade : Ettercap, Cain & Abel , Dsniff
  • 8. DHCP Starvation  DHCP Scope exhaustion by installing a rogue DHCP server.  Spoofed MAC requests broadcast/flood network.  Resource starvation occurs which may make a rogue server more effective.  Tools of Trade : Yersinia
  • 9. CAM Table Overflow  Content Addressable Memory (CAM) is used in highly efficient search based environments.  Cisco switches use CAM to make MAC & interface mapping tables.  One can flood MAC in network which can fill CAM & thereby make a switch act like a hub.  Tools of Trade : Dsniff, Ettercap, Cain & Abel and more..
  • 10. Flooding & Spoofing Attacks − Mitigation  Ensure Port Security is enabled (static ARP entries)  Enable Port Security  Enable DHCP Snooping.  Question Network admin on requirement of PARP / GARP if present in configuration.  Dynamic Arp Inspection .
  • 11. Cisco Specific Attacks  CDP attacks − Applicable to Cisco IOS based devices.  VTP attacks − Applicable to Cisco Switches.  DTP Attack − Applicable to Cisco IOS based devices.  HSRP Abuse − Applicable to Cisco IOS based devices.
  • 12. Cisco − CDP Attacks  Cisco Discovery Protocol (CDP) allows Cisco Devices to communicate with each other.  CDP communicates is unencrypted , unauthenticated & carries a ton of information.  CDP can be exploited to   CDP DOS (Even WLCs are vulnerable)  Overflow / Pollution / Corruption of CDP Cache  Raking up power bills (POE abuse)  Tools to Use : Yersinia
  • 13. CDP Attacks − Mitigation  Turn CDP Off.  Check with Network guys for any specific requirement of CDP (VOIP phones/Tshoot).  All unused ports shall be shut by default.  BONUS : Different vendors have similar protocols −  Juniper / Huawei LLDP (LLDP Attack Framework)  Brocade FDP  Maipu MDSP
  • 14. Cisco − VTP Attack  Virtual Trunking Protocol (VTP) is used by Cisco to propagate VLAN information.  VTP uses a versioning system with a client server architecture.  Clients sync their configuration with Server to maintain current VLAN database revision.  Attack involves DOS by sending VTP messages in the network.  Tools of Trade : Yersinia
  • 15. VTP Attack − Mitigation  Check with admin if VTP is required, if NO, recommend them to configure switches in transparent mode.  If Yes, check if following parameters are configured correctly   VTP password should be there and shall be md5 encrypted (Service Password Encryption)  Non participating switches should be configured in transparent mode.  VTP pruning should be enabled.  All unused ports shall be shut by default.
  • 16. DTP Attack  Dynamic Trunking Protocol (DTP) negotiates port states between 2 devices.  By default an interface is negotiated to become a Trunk (Tagged) port, hence its name.  One can send RAW DTP packets on Access interface & can make it trunk.  Trunk interface can then be used to escalate/exploit STP/VTP/VLAN based attacks.  Tools of Trade : Yersinia
  • 17. DTP Attack − Mitigation  Turn of DTP by enabling no more auto-negotiation.  Refer below configuration for access (untagged) port, settings are hardcoded , nothing is auto.  All unused ports shall be shut by default.
  • 18. HSRP Abuse  Hot Standby Router Protocol (HSRP) is used for achieving HA between Cisco devices.  Functions in Active/Passive mode, UDP 1985.  Uses multicast, by default password configured in plain text.  Attacker can send raw HSRP packet.  Compromise and become Active device with real or spoofed IP.  Tool to use : Yersinia
  • 19. HSRP Abuse − Mitigation  Use MD5 authentication.  Hardcode everything.
  • 20. Spanning Tree Attacks  Invented by Dr Radia Perlman, Spanning Tree Protocol (STP) is used for providing a loop free topology for a LAN or bridged network.  An attacker can disrupt STP topology by  Masquerading as a rogue switch.  Introducing a real switch in network.  Spoofing Root Switch  Sending malicious BPDU’s  Claiming roles in topology  Tools of Trade : Yersinia
  • 21. Spanning Tree Attacks − Mitigation  Enable Root Guard on Cisco Switches, Root Protection on Juniper Switches.  Enable BPDU Guard on Cisco Switches, BPDU Protection on Juniper Switches.  All unused ports shall be shut by default.
  • 22. Multicast Brute force  Switch receives a number of multicast frames in rapid succession.  Frames to leak into other VLAN instead of containing it on original VLAN.  May lead to DOS.  Rare nowadays.
  • 23. Multicast Brute Force Attack − Mitigation  Buy switches with better queues/buffer and memory support.  Upgrade your supervisors (4500X and above , Cisco Only).
  • 24. VLAN Based Attacks • VLAN Hopping − 802.1Q abuse. • PVLAN − Bypassing Layer 2 segregation logic.
  • 25. VLAN Hopping  VLAN Hopping refers to emulation of a network switch & send frames (802.1Q/ISL).  An attacker can also send double tagged frames on trunk / access interface.  First frame will be stripped by switch and it will forward the frame to outgoing interface.  Since the frame is having one more tag, it will be forwarded as it is to next unintended VLAN.  Tools of Trade : Scapy, Ostinato
  • 26. VLAN Hopping Attack − Mitigation  Disable DTP  Hardcode everything.  Unused ports shall be configured as access (untagged) ports.  Native VLAN segregation.  Management VLAN segregation.  Don’t use VLAN 1 for *anything*.
  • 27. PVLAN Attacks  Community ports can communicate between themselves & promiscuous ports.  This logic can be bypassed using a proxy server or a Layer 3 Device on a promiscuous port.  L3 device will overwrite destination mac on frame & then sends frame back.  Unidirectional attack can be leveraged to a bidirectional attack by compromising hosts.  Tools of Trade : Scapy / Ostinato
  • 28. PVLAN Attacks – Mitigation  Configure ACL on Layer 3 device.
  • 29. Bonus : SNMP Snarfing  Simple Network Management Protocol (SNMP) is used to monitor and manage devices.  Vendor agonistic , has 3 versions, version 1.0 & version 2.0 most commonly used.  Plain text authentication.  Community strings can be bruteforced , fuzzed & hacked.  Wreak havoc using read write community.  Tools of Trade : Ettercap, dsniff.
  • 30. SNMP Snarfing – Mitigation  Use SNMPv3 *only*, don’t use it in backwards compatible mode.  Don’t use community strings with write access.  Be SNMP Aware, don’t let it become “Security is Not My Problem”.
  • 31. Switch Configuration Review  What to look in a sample Switch configuration dump.  Best Practices.  Looking at the big picture.
  • 32. Conclusion  Ensure Switches are managed in a secured manner.  Hardcode everything.  Ensure there is a Change Management process for any Network and Security Changes.  Disable protocols which are not in use (CDP/VTP).  All unused ports should be shut by default.  Use Port-Security.  Use Root Guard/BPDU guard.  Be careful about SNMP community strings.
  • 33. Questions? Reach me out at admin@theprohack.com