LAN Switch Security: What Hackers Know About Your Switches Book PDF, ePub eBook

Join our eBook service for unlimited books & audiobooks. Get a free 7 day subscription! ↓↓↓↓↓


Book Descriptions:

LAN Switch Security: What Hackers Know About Your Switches

A practical guide to hardening Layer 2 devices and stopping campus network attacks

Eric Vyncke

Christopher Paggen, CCIE® No. 2659

Contrary to popular belief, Ethernet switches are not inherently secure. Security vulnerabilities in Ethernet switches are multiple: from the switch implementation, to control plane protocols (Spanning Tree Protocol [STP], Cisco® Discovery Protocol [CDP], and so on) and data plane protocols, such as Address Routing Protocol (ARP) or Dynamic Host Configuration Protocol (DHCP). LAN Switch Security explains all the vulnerabilities in a network infrastructure related to Ethernet switches. Further, this book shows you how to configure a switch to prevent or to mitigate attacks based on those vulnerabilities. This book also includes a section on how to use an Ethernet switch to increase the security of a network and prevent future attacks.

Divided into four parts, LAN Switch Security provides you with steps you can take to ensure the integrity of both voice and data traffic traveling over Layer 2 devices. Part I covers vulnerabilities in Layer 2 protocols and how to configure switches to prevent attacks against those vulnerabilities. Part II addresses denial-of-service (DoS) attacks on an Ethernet switch and shows how those attacks can be mitigated. Part III shows how a switch can actually augment the security of a network through the utilization of wirespeed access control list (ACL) processing and IEEE 802.1x for user authentication and authorization. Part IV examines future developments from the LinkSec working group at the IEEE. For all parts, most of the content is vendor independent and is useful for all network architects deploying Ethernet switches.

After reading this book, you will have an in-depth understanding of LAN security and be prepared to plug the security holes that exist in a great number of campus networks.

Eric Vyncke has a master’s degree in computer science engineering from the University of Liège in Belgium. Since 1997, Eric has worked as a Distinguished Consulting Engineer for Cisco, where he is a technical consultant for security covering Europe. His area of expertise for 20 years has been mainly security from Layer 2 to applications. He is also guest professor at Belgian universities for security seminars.

Christopher Paggen, CCIE® No. 2659, obtained a degree in computer science from IESSL in Liège (Belgium) and a master’s degree in economics from University of Mons-Hainaut (UMH) in Belgium. He has been with Cisco since 1996 where he has held various positions in the fields of LAN switching and security, either as pre-sales support, post-sales support, network design engineer, or technical advisor to various engineering teams. Christopher is a frequent speaker at events, such as Networkers, and has filed several U.S. patents in the security area.

Contributing Authors:

Jason Frazier is a technical leader in the Technology Systems Engineering group for Cisco.

Steinthor Bjarnason is a consulting engineer for Cisco.

Ken Hook is a switch security solution manager for Cisco.

Rajesh Bhandari is a technical leader and a network security solutions architect for Cisco.

• Use port security to protect against CAM attacks

• Prevent spanning-tree attacks

• Isolate VLANs with proper configuration techniques

• Protect against rogue DHCP servers

• Block ARP snooping

• Prevent IPv6 neighbor discovery and router solicitation exploitation

• Identify Power over Ethernet vulnerabilities

• Mitigate risks from HSRP and VRPP

• Stop information leaks with CDP, PaGP, VTP, CGMP and other Cisco ancillary protocols

• Understand and prevent DoS attacks against switches

• Enforce simple wirespeed security policies with ACLs

• Implement user authentication on a port base with IEEE 802.1x

• Use new IEEE protocols to encrypt all Ethernet frames at wirespeed.

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

Category: Cisco Press–Security

Covers: Ethernet Switch Security

 

LAN Switch Security: What Hackers Know About Your Switches by Eric Vyncke, Christopher Paggen

From reader reviews:

Arlen Bullock:

Now a day folks who Living in the era where everything reachable by connect to the internet and the resources within it can be true or not require people to be aware of each information they get. How many people to be smart in acquiring any information nowadays? Of course the reply is reading a book. Studying a book can help folks out of this uncertainty Information especially this LAN Switch Security: What Hackers Know About Your Switches book because book offers you rich information and knowledge. Of course the information in this book hundred per cent guarantees there is no doubt in it everbody knows.

Harold Riggs:

Hey guys, do you desires to finds a new book to read? May be the book with the subject LAN Switch Security: What Hackers Know About Your Switches suitable to you? The particular book was written by famous writer in this era. The actual book untitled LAN Switch Security: What Hackers Know About Your Switchesis a single of several books that everyone read now. This particular book was inspired lots of people in the world. When you read this guide you will enter the new dimension that you ever know previous to. The author explained their concept in the simple way, consequently all of people can easily to know the core of this e-book. This book will give you a lots of information about this world now. In order to see the represented of the world in this book.

Helen Albertson:

Do you really one of the book lovers? If so, do you ever feeling doubt while you are in the book store? Try and pick one book that you just dont know the inside because don't assess book by its deal with may doesn't work this is difficult job because you are frightened that the inside maybe not because fantastic as in the outside appear likes. Maybe you answer might be LAN Switch Security: What Hackers Know About Your Switches why because the wonderful cover that make you consider in regards to the content will not disappoint you actually. The inside or content is fantastic as the outside or maybe cover. Your reading sixth sense will directly make suggestions to pick up this book.

Kelly Breedlove:

Some people said that they feel bored when they reading a guide. They are directly felt the item when they get a half elements of the book. You can choose often the book LAN Switch Security: What Hackers Know About Your Switches to make your personal reading is interesting. Your personal skill of reading expertise is developing when you such as reading. Try to choose easy book to make you enjoy to see it and mingle the sensation about book and examining especially. It is to be initial opinion for you to like to available a book and study it. Beside that the e-book LAN Switch Security: What Hackers Know About Your Switches can to be your friend when you're truly feel alone and confuse in doing what must you're doing of their time.