Cisco in Persian Forum: Introduction to Some Layer 2 Attacks. Alireza.

Presentation transcript:

Cisco in Persian Forum: Introduction to Some Layer 2 Attacks. Alireza Mohammadi

Attack Motivation: destroying data, stealing data from computers, taking services down

Switched Data Plane Attacks: STP Spoofing, DHCP Attacks, MAC Address Attacks, VLAN Hopping

VLAN Hopping: 1- Switch spoofing 2- Double tagged attack

Switch spoofing

Switch spoofing attack mitigation:
  switchport mode access
  switchport nonegotiate

Double tagged attack

Double tagged attack mitigation:
  switchport trunk native vlan tagged (Layer 3 Switch)
  vlan dot1q tag native (Layer 2 Switch)

MAC Address Attacks: 1- CAM Flooding Attack 2- MAC Address Spoofing

CAM Flooding Attack

CAM flooding attack mitigation:
  (config-if)#switchport port-security ?
    mac-address  Secure mac address
    maximum      Max secure addresses
    violation    Security violation mode

MAC address spoofing attack

CAM flooding attack mitigation: Dynamic ARP Inspection

DHCP Attacks: 1- DHCP Starvation 2- DHCP Server Spoofing

DHCP Starvation

DHCP Server Spoofing

Spoofing & starvation attack mitigation: DHCP Snooping, Dynamic ARP Inspection

STP Spoofing: Spoof Attack, Sniff Attack

STP Spoofing

STP spoofing mitigation: Root Guard, BPDU Guard. Access layer.
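
An added example, not part of the original slides: a small Python audit that checks a Cisco IOS running-config for the mitigations the slides list (access mode with DTP negotiation off, port security, BPDU Guard, DHCP snooping, Dynamic ARP Inspection). The sample config and the function names are constructed for illustration, and the audit assumes every interface is a host-facing access port.

```python
import re

# Constructed sample running-config for this example (not from the slides).
SAMPLE_CONFIG = """\
ip dhcp snooping
ip arp inspection vlan 10
!
interface GigabitEthernet0/1
 switchport mode access
 switchport nonegotiate
 switchport port-security
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/2
 switchport mode dynamic desirable
"""

# Mitigations named on the slides, mapped to the exposure when absent.
PORT_CHECKS = {
    "switchport mode access": "switch spoofing (port may negotiate a trunk)",
    "switchport nonegotiate": "switch spoofing (DTP still enabled)",
    "switchport port-security": "CAM flooding (no MAC address limit)",
    "spanning-tree bpduguard enable": "STP spoofing (BPDUs accepted)",
}
GLOBAL_CHECKS = {
    r"^ip dhcp snooping$": "DHCP starvation / rogue server (snooping off)",
    r"^ip arp inspection vlan \S+": "MAC/ARP spoofing (no Dynamic ARP Inspection)",
}

def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from an IOS-style config."""
    ifaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = ifaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any unindented line ends the interface stanza
    return ifaces

def audit(config):
    """Return (scope, exposure) pairs for every mitigation that is missing."""
    findings = [("global", risk) for pat, risk in GLOBAL_CHECKS.items()
                if not re.search(pat, config, re.MULTILINE)]
    for name, cmds in parse_interfaces(config).items():
        findings += [(name, risk) for cmd, risk in PORT_CHECKS.items() if cmd not in cmds]
    return findings
```

Calling `audit(SAMPLE_CONFIG)` reports only GigabitEthernet0/2, the port left in a DTP dynamic mode; trunk uplinks would need their own rule set (native VLAN tagging, Root Guard) rather than these access-port checks.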