Download presentation
Presentation is loading. Please wait.
Published byDonna Glenn Modified over 9 years ago
1
Verify that timestamps for debugging and logging messages has been enabled. Verify the severity level of events that are being captured. Verify that the source interface command has been configured. Verify the IP address of the syslog server.
2
ACLs Routing Protocol Authentication CDP VLANs Switchport Security VTP DTP
3
Cisco IOS uses access control lists to separate data traffic into that which it will process (permitted packets) and that which it will not process (denied packets). Cisco routers makes very heavy use of access lists: restrict access to services filter traffic passing through the router.
4
An ACL is a sequential list of permit or deny statements that apply to addresses or upper-layer protocols. Static packet filtering controls access to a network by analyzing the incoming and outgoing packets By default, a router does not have any ACLs configured and therefore does not filter traffic.
6
Standard ACLs - Allow you to filter traffic based on source IP address. Extended ACLs filter IP packets based on: Protocol type, Source IP address, Destination IP address TCP or UDP ports.
7
Extended ACLs are used for more precise traffic- filtering control and are used more often than standard ACLs to provide a greater range of control.
8
ICMP Packet Filtering - filter ICMP messages by name or type and code. Filter IP Fragments – Fragmentation is often used in attempts to evade detection by intrusion detection systems, deny IP fragments. Anti IP Address Spoofing – Deny any inbound IP packet that contains a source address from the internal network. Smurf Attack - deny packets destined for broadcast addresses.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.