Category: Security – layer 2

Mitigate VLAN hopping attack – Get rid of Layer 2 attacks

In this article we will mitigate VLAN hopping by switch spoofing by disabling trunking on the ports that do not need to become trunk ports. Some Cisco switch ports default to auto mode for trunking, which means that a port automatically becomes a trunk port if it receives Dynamic Trunking Protocol (DTP) frames.


VLAN hopping attack – Switch Spoofing and Double tagging

A VLAN hopping attack is possible through two different approaches: switch spoofing or double tagging.

When you need to configure and secure VLAN trunks, also consider the potential for an exploit called VLAN hopping.

An attacker can craft and send frames on one access VLAN with spoofed 802.1Q tags so that the packets end up on a totally different VLAN, all without the use of a router.


Using Port Security to Mitigate Layer 2 Attacks

Get rid of MAC flooding attacks on your switch, and all kinds of other attacks that compromise your network security, by implementing switch port security.
All the issues to consider when configuring port security on a switch will be covered here. We will also show you how to configure port security on Cisco IOS, covering the configuration of both static and dynamic port security.


Telnet Attacks – Ways to compromise remote connection

In this article I am going to explain some of the reasons why we should switch from Telnet to SSH to secure our device management.

But first, a few words about Telnet.

More than once we have been in a situation where we needed to configure a couple of switches and routers at the same time. More precisely, almost every time we are in a situation where we must configure or troubleshoot several devices at once.

Of course, we don't want to move the console cable to every other switch every time we want to run a show command on it.

We want to be able to connect to all the devices at the same time and then just use multiple command prompts, one for each device. In this manner we are faster in the troubleshooting process and we can perform configuration steps without losing time moving the console cable. Furthermore, we have a better overview of the configuration as we run troubleshooting commands, and we can easily compare different configurations just by opening two command prompts side by side.


CDP Attacks – Cisco Discovery Protocol Attack

CDP, the Cisco Discovery Protocol, is a proprietary protocol that all Cisco devices can use by default. CDP discovers other Cisco devices that are directly connected, which makes it possible for the devices to auto-configure their connection in some cases, simplifying configuration and connectivity. CDP messages are not encrypted.
