Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and...

16
Chapter 5 Secure LAN Switching

  • date post

    21-Dec-2015

  • Category

    Documents

  • view

    229

  • download

    2

TAGS:

Transcript of Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and...

Page 1: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Chapter 5 Secure LAN Switching

Page 2: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks

Page 3: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Port Security

Example – Set port security 2/1 enable– Set port security 2/1 00-90-2b-03-34-08– Set port security 3/2 maximum 1

Page 4: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Restricting Access to a Switch via IP Permit List

Example – Set ip permit enable– Set ip permit 172.16.0.0 255.255.0.0 telnet– Set ip permit 172.20.52.2 255.255.255.255 snmp– Set ip permit 172.20.52.3 all

Page 5: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Controlling LAN Floods

Example– Set port broadcast 2/1-6 75%

Page 6: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Private VLANs on the Catalyst 6000

Restricts intra VLAN traffic on a per port basis Solves ARP spoofing

Page 7: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

IEEE 802.1x Standard

Provides authentication of devices connecting to a physical port on a layer 2 switch or a logical port on a wireless access point

Page 8: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

802.1x Entities

Supplicant: a device (eg. Laptop) that needs to access the LAN

Authenticator: a device that initiates the authentication process between the supplicant and the authentication server

Authentication server: a device (eg. Cisco ACS) that can authenticate a user on behalf of an authenticator

Page 9: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

802.1x Communication

Uses Extensible Authentication Protocol (EAP) described in RFC 3748

Authentication data is transmitted in EAP packets – encapsulated in EAPOL frames between

supplicant and authenticator– encapsulated TACACS+ or RADIUS packets

between authenticator and authentication server

Page 10: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Extensible Authentication Protocol (EAP)

Carries authentication data between two entities that wish to set up an authenticated channel for communication

Supports one-time password, MD5 hashed username and password, and transport layer security

Page 11: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

EAP Packet Format (RFC 2284)

Code: identifies EAP packet type such as request, response, success, or failure

Identifier: used to match responses with requests Length: length of EAP packet

Page 12: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Types of EAP Request/Response messages

Identity message Notification message NAK message MD-5 challenge message One-time password message Transport-Layer Security (TLS) message

Page 13: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

EAP Exchange Involving Successful OTP Authentication

Page 14: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Frame Format for EAPOL Using Ethernet 802.3

Page 15: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Relationship between Supplicant, Authenticator, Authentication server,

EAPOL, and TACACS+/Radius

Page 16: Chapter 5 Secure LAN Switching. MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

802.1x Architecture and Flow using EAP over EAPOL and

EAP over TACACS+/RADIUS


Experiencing Overflow

Experiencing Overflow

bihar flood report 2017imaratshariah.com/images/bihar-flood-report-imarat-shari...Bihar led to the overflow of major rivers like Mahananda, Koshi and Kankai that caused flooding in

bihar flood report 2017imaratshariah.com/images/bihar-flood-report-imarat-shari...Bihar led to the overflow of major rivers like Mahananda, Koshi and Kankai that caused flooding in

Overflow Handling

Overflow Handling

Overflow. Part 3 Overflowing Gratitude Overflow – perisseia “Superabundance”

Overflow. Part 3 Overflowing Gratitude Overflow – perisseia “Superabundance”

Overflow. Part 4 Overflowing Joy Overflow – perisseia “Superabundance”

Overflow. Part 4 Overflowing Joy Overflow – perisseia “Superabundance”

E Overflow

E Overflow

Overflow Designs

Overflow Designs

Stereoscopic Overflow

Stereoscopic Overflow

Overflow 4

Overflow 4

Regional Flash Flood Guidance and Early Warning Flash floods are quick response flood events causing sudden flooding in small river basins. Flooding follows within 6 hours or less

Regional Flash Flood Guidance and Early Warning Flash floods are quick response flood events causing sudden flooding in small river basins. Flooding follows within 6 hours or less

GATE Overflow

GATE Overflow

Community Overflow

Community Overflow

Lecture 3 Linear Data Structures - eecs.yorku.ca Linear Data... · data forced into the buffer goes beyond the expected limits, causing the data to overflow ... • fix 2: increase

Lecture 3 Linear Data Structures - eecs.yorku.ca Linear Data... · data forced into the buffer goes beyond the expected limits, causing the data to overflow ... • fix 2: increase

OVERFLOW CHARTS

OVERFLOW CHARTS

SID Risk Assessment - SA Water · 2020-03-19 · ENVIRONMENTAL –Slide 1 . Page heading goes here • Flooding • Overflow • Wind • Vibration • Ground Movement • Earthquake

SID Risk Assessment - SA Water · 2020-03-19 · ENVIRONMENTAL –Slide 1 . Page heading goes here • Flooding • Overflow • Wind • Vibration • Ground Movement • Earthquake

Overflow - staffordbc.gov.uk

Overflow - staffordbc.gov.uk

[ Overflow ]

[ Overflow ]

Cyclonic Separator - Chicago Pneumatic Pneumatic/CP Stationary... · separator or filter bowl, condensate will overflow into the compressed air system causing damage to equipment

Cyclonic Separator - Chicago Pneumatic Pneumatic/CP Stationary... · separator or filter bowl, condensate will overflow into the compressed air system causing damage to equipment

CLOSED BASIN & LAKE FLOODING - North Dakotaallow the discharge of surplus water, causing them to flood. But unlike river and stream flooding that typically peaks and then recedes;

CLOSED BASIN & LAKE FLOODING - North Dakotaallow the discharge of surplus water, causing them to flood. But unlike river and stream flooding that typically peaks and then recedes;

Compound flooding: Interactions of extreme river flows and sea … · 2020-05-01 · •Projected sea-level rise is the biggest problem –causing substantial and widespread flooding

Compound flooding: Interactions of extreme river flows and sea … · 2020-05-01 · •Projected sea-level rise is the biggest problem –causing substantial and widespread flooding