Presentation is loading. Please wait.

Presentation is loading. Please wait.

انجمن سیسکو به پارسی آشنایی با برخی حملات در لایه 2 آشنایی با برخی حملات در لایه 2 علیرضا.

Published byCody Barber Modified over 8 years ago

Similar presentations

Presentation on theme: "انجمن سیسکو به پارسی آشنایی با برخی حملات در لایه 2 آشنایی با برخی حملات در لایه 2 علیرضا."— Presentation transcript:

1 http://forum.ciscoinpersian.comhttp://forum.ciscoinpersian.com انجمن سیسکو به پارسی آشنایی با برخی حملات در لایه 2 آشنایی با برخی حملات در لایه 2 علیرضا محمدی علیرضا محمدی

2

3 Motivation Attack attack for data destroyed attack for Stealing computers data attack for data destroyed attack for down services

4 Switched Data Plane Attacks: STP Spoofing DHCP Attacks DHCP Attacks MAC address Attacks MAC address Attacks VLAN Hopping VLAN Hopping

5 VLAN Hopping : VLAN Hopping : 1- Switch spoofing 2- Double tagged attack

6 Switch spoofing

7 switch spoofing attack Mitigation switchport mode access switchport switchport nonegotiate

8 Double tagged attack

9 switchport trunk native vlan tagged Double tagged attack Mitigation ( Layer 3 Switch ) vlan dot1q tag native ( Layer 2 Switch )

10 MAC address Attacks : MAC address Attacks : 2- Mac Address Spoofing 1- CAM Flooding Attack

11 CAM Flooding Attack

12 CAM flooding attack Mitigation (config-if)#switchport port-security ? mac-address Secure mac address mac-address Secure mac address maximum Max secure addresses maximum Max secure addresses violation Security violation mode violation Security violation mode

13 Mac address spoofing Attack

14 CAM flooding attack Mitigation Dynamic ARP Inspection

15 1- DHCP Starvation DHCP Attacks : 2- DHCP Server Spoofing

16 DHCP Starvation

17 DHCP Server Spoofing

18 Spoofing & Starvation attack Mitigation DHCP Snooping dynamic ARP inspection

19 STP Spoofing Spoof Attack Sniff Attack

20 STP Spoofing

21 STP Spoofing Mitigation Root Guard BPDU Guard Access layer

Download ppt "انجمن سیسکو به پارسی آشنایی با برخی حملات در لایه 2 آشنایی با برخی حملات در لایه 2 علیرضا."

Similar presentations

Mitigating Layer 2 Attacks

Mitigating Layer 2 Attacks
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 3: VLANs Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 3: VLANs Routing & Switching.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Common Layer 2 Attacks and Countermeasures.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Common Layer 2 Attacks and Countermeasures.
CCNPv5 Minimizing Service Loss and Data Theft in a Campus Network 1 Minimizing Service Loss and Data Theft in a Switched BCMSN Module 8 – Sec 2.

CCNPv5 Minimizing Service Loss and Data Theft in a Campus Network 1 Minimizing Service Loss and Data Theft in a Switched BCMSN Module 8 – Sec 2.
Neutering Ettercap in Cisco Switched Networks For fun and Profit.

Neutering Ettercap in Cisco Switched Networks For fun and Profit.
1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.

1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Protecting Against Spoofing Attacks.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Protecting Against Spoofing Attacks.
Wireless and Switch Security NETS David Mitchell.

Wireless and Switch Security NETS David Mitchell.
1 © 2003, Cisco Systems, Inc. All rights reserved. Vyncke ethernet security Ethernet: Layer 2 Security Eric Vyncke Cisco Systems Distinguished Engineer.

1 © 2003, Cisco Systems, Inc. All rights reserved. Vyncke ethernet security Ethernet: Layer 2 Security Eric Vyncke Cisco Systems Distinguished Engineer.
Borderless Networks Foundation – Best Practices Mark Williamson

Borderless Networks Foundation – Best Practices Mark Williamson
1 Inter-VLAN routing Chapter 6 CCNA Exploration Semester 3 Modified by Profs. Ward and Cappellino.

1 Inter-VLAN routing Chapter 6 CCNA Exploration Semester 3 Modified by Profs. Ward and Cappellino.
Chapter 5 Secure LAN Switching.  MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Chapter 5 Secure LAN Switching.  MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Understanding Switch Security Issues.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Understanding Switch Security Issues.
Securing the Local Area Network

Securing the Local Area Network
Break Switches - Configuring and Best Practices

Break Switches - Configuring and Best Practices
Layer 2 Security – No Longer Ignored Security Possibilities at Layer 2 Allan Alton, BSc CISA CISSP NetAnalyst UBC October 18, 2007.

Layer 2 Security – No Longer Ignored Security Possibilities at Layer 2 Allan Alton, BSc CISA CISSP NetAnalyst UBC October 18, 2007.
Chapter 8 Layer 2 Switching and Spanning Tree Protocol (STP)

Chapter 8 Layer 2 Switching and Spanning Tree Protocol (STP)
Secure LAN Switching Layer 2 security Introduction Port-level controls

Secure LAN Switching Layer 2 security Introduction Port-level controls
Author: Bill Buchanan. Module Descriptor Author: Bill Buchanan.

Author: Bill Buchanan. Module Descriptor Author: Bill Buchanan.

Similar presentations

Ads by Google