Welcome to Scribd!

Skip carousel

Understanding Switch Security: Ethernet Lans

Uploaded by

tuancoi

0% found this document useful (0 votes)

3 views11 pages

Module 14

Original Title

Module 14

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Module 14

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

3 views11 pages

Understanding Switch Security: Ethernet Lans

Uploaded by

tuancoi

Module 14

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 11

Search inside document

Understanding

Switch Security

Ethernet LANs

http://vnexperts.net

ICND1 v1.01-1

Common Threats to Physical Installations

Hardware threats
Environmental threats
Electrical threats
Maintenance threats

http://vnexperts.net

ICND1 v1.01-2

Configuring a Switch Password

http://vnexperts.net

ICND1 v1.01-3

Configuring the Login Banner

Defines and enables a customized banner to be displayed before
the username and password login prompts.

SwitchX# banner login " Access for authorized users only. Please enter your
username and password. "

http://vnexperts.net

ICND1 v1.01-4

Telnet vs. SSH Access

Telnet
Most common access method
Insecure
SSH-encrypted
! The username command create the username and password for the SSH session
Username cisco password cisco
ip domain-name mydomain.com
crypto key generate rsa
ip ssh version 2
line vty 0 4
login local
transport input ssh

http://vnexperts.net

ICND1 v1.01-5

Configuring Port Security

Cisco Catalyst 2960 Series
SwitchX(config-if)#switchport port-security [ mac-address
mac-address | mac-address sticky [mac-address] | maximum
value | violation {restrict | shutdown}]

SwitchX(config)#interface fa0/5
SwitchX(config-if)#switchport mode access
SwitchX(config-if)#switchport port-security
SwitchX(config-if)#switchport port-security maximum 1
SwitchX(config-if)#switchport port-security mac-address sticky
SwitchX(config-if)#switchport port-security violation shutdown

http://vnexperts.net

ICND1 v1.01-6

Verifying Port Security

on the Catalyst 2960 Series
SwitchX#show port-security [interface interface-id] [address] [ |
{begin | exclude | include} expression]

SwitchX#show port-security
Port Security
Port Status
Violation Mode
Aging Time
Aging Type
SecureStatic Address Aging
Maximum MAC Addresses
Total MAC Addresses
Configured MAC Addresses
Sticky MAC Addresses
Last Source Address
Security Violation Count

http://vnexperts.net

interface fastethernet 0/5

: Enabled
: Secure-up
: Shutdown
: 20 mins
: Absolute
: Disabled
: 1
: 1
: 0
: 0
: 0000.0000.0000
: 0

ICND1 v1.01-7

Verifying Port Security

on the Catalyst 2960 Series (Cont.)
SwitchX#sh port-security address
Secure Mac Address Table
------------------------------------------------------------------Vlan
Mac Address
Type
Ports
Remaining Age
(mins)
--------------------------------1
0008.dddd.eeee
SecureConfigured
Fa0/5
------------------------------------------------------------------Total Addresses in System (excluding one mac per port)
: 0
Max Addresses limit in System (excluding one mac per port) : 1024

SwitchX#sh port-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
(Count)
(Count)
(Count)
-------------------------------------------------------------------------Fa0/5
1
1
0
Shutdown
--------------------------------------------------------------------------Total Addresses in System (excluding one mac per port)
: 0
Max Addresses limit in System (excluding one mac per port) : 1024

http://vnexperts.net

ICND1 v1.01-8

Securing Unused Ports

Unsecured ports can create a security hole.
A switch plugged into an unused port will be added to the
network.
Secure unused ports by disabling interfaces (ports).

http://vnexperts.net

ICND1 v1.01-9

Disabling an Interface (Port)

SwitchX(config-int)#

shutdown
To disable an interface, use the shutdown command in interface
configuration mode.
To restart a disabled interface, use the no form of this command.

http://vnexperts.net

ICND1 v1.01-10

Summary
The first level of security is physical.
Passwords can be used to limit access to users that have been
given the password.
The login banner can be used to display a message before the
user is prompted for a username.
Telnet sends session traffic in cleartext; SSH encrypts the session
traffic.
Port security can be used to limit MAC addresses to a port.
Unused ports should be shut down.

http://vnexperts.net

ICND1 v1.01-11

Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
From Everand
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
Ramon Nastase
No ratings yet
Windows Command and Tools Part 1
Document26 pages
Windows Command and Tools Part 1
Tolulope Abiodun
No ratings yet
1.verification of Basic Logic Gates
Document7 pages
1.verification of Basic Logic Gates
Vijay M
50% (2)
Tejas Node Config
Document20 pages
Tejas Node Config
Anuj Kumar
100% (1)
How To Mirror Your Root Disk On AIX (A.k.a. Rootvg)
Document8 pages
How To Mirror Your Root Disk On AIX (A.k.a. Rootvg)
tuancoi
No ratings yet
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
From Everand
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
Mulayam Singh
No ratings yet
Storwize V7000 Technical Sales Related Resources
Document24 pages
Storwize V7000 Technical Sales Related Resources
tuancoi
No ratings yet
UNDERSTANDING VIAS - Mentorpaper - 73085 PDF
Document8 pages
UNDERSTANDING VIAS - Mentorpaper - 73085 PDF
Daniel Carrasco
No ratings yet
Microsoft Word StorageTek SL150 Modular Tape Library Sales Specialist Exam1
Document11 pages
Microsoft Word StorageTek SL150 Modular Tape Library Sales Specialist Exam1
Tea Alex
100% (1)
Network 4-Admin List of Default Router Passwords and IP Addresses Netgear D-Link Belkin Linksys Others
Document8 pages
Network 4-Admin List of Default Router Passwords and IP Addresses Netgear D-Link Belkin Linksys Others
Gutta Manish
No ratings yet
Hive Lab
Document33 pages
Hive Lab
tuancoi
No ratings yet
19.4.4 Packet Tracer - Build A Switch and Router Network - ILM
Document8 pages
19.4.4 Packet Tracer - Build A Switch and Router Network - ILM
johannachica
No ratings yet
Aix Commands Cheat Sheet
Document23 pages
Aix Commands Cheat Sheet
dharmareddyr
No ratings yet
БИБЛИЯ!! АПОЛЛО!!!
Document60 pages
БИБЛИЯ!! АПОЛЛО!!!
And
100% (1)
Next-Generation switching OS configuration and management: Troubleshooting NX-OS in Enterprise Environments
From Everand
Next-Generation switching OS configuration and management: Troubleshooting NX-OS in Enterprise Environments
Mamta Devi
No ratings yet
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
BRKRST-2612 Cisco IOS - Managing, Optimising and Tweaking
Document105 pages
BRKRST-2612 Cisco IOS - Managing, Optimising and Tweaking
BoM36040
No ratings yet
Config Msan 5616T
Document11 pages
Config Msan 5616T
radia gana
No ratings yet
Understanding Switch Security: Ethernet Lans
Document12 pages
Understanding Switch Security: Ethernet Lans
Viet Thang Nguyen
No ratings yet
Switch Security
Document11 pages
Switch Security
Donovan
No ratings yet
Understanding Switch Security: Ethernet Lans
Document12 pages
Understanding Switch Security: Ethernet Lans
Abdul Majeed
No ratings yet
1 4+-+equipamentos+do+lab
Document9 pages
1 4+-+equipamentos+do+lab
Flávio Ávilah
No ratings yet
Configuring Catalyst Switch
Document22 pages
Configuring Catalyst Switch
Shamsol Ariffin
No ratings yet
Configuring Port Security
Document2 pages
Configuring Port Security
Ariel Alvarez
No ratings yet
0 - Basic Switch Configuration
Document2 pages
0 - Basic Switch Configuration
Amjd Ahmad
No ratings yet
0506 PCX-2 V0106 en
Document127 pages
0506 PCX-2 V0106 en
spale82
No ratings yet
Understanding Switch Security Issues: Minimizing Service Loss and Data Theft in A Campus Network
Document69 pages
Understanding Switch Security Issues: Minimizing Service Loss and Data Theft in A Campus Network
Arun Joy
No ratings yet
Scope: Configuration Guide: Juniper Networks Branch SRX Series Services Gateways
Document8 pages
Scope: Configuration Guide: Juniper Networks Branch SRX Series Services Gateways
Alcides Chana
No ratings yet
Troubleshoot Hardware Forwarding Issues
Document26 pages
Troubleshoot Hardware Forwarding Issues
ivnnpc
No ratings yet
Spanning Tree Lab: Step 1: Getting Familiar With Switch IOS
Document21 pages
Spanning Tree Lab: Step 1: Getting Familiar With Switch IOS
N
No ratings yet
Practical 6
Document13 pages
Practical 6
riyevas163
No ratings yet
Cursos de Cisco
Document10 pages
Cursos de Cisco
Ryan Tarnat
No ratings yet
Oracle and Firewalls On Windows UNIX
Document9 pages
Oracle and Firewalls On Windows UNIX
Bodea Florin
No ratings yet
LXE-MX7 (Tecton) - Windows - Configuration - V1.2 - FORS
Document18 pages
LXE-MX7 (Tecton) - Windows - Configuration - V1.2 - FORS
Erik Vera
No ratings yet
CCNA 2 RSE Chapter 2 SIC Practice Skills Assessment Packet Tracer Answers
Document4 pages
CCNA 2 RSE Chapter 2 SIC Practice Skills Assessment Packet Tracer Answers
Carlos Martìn Coronado Hoyos
No ratings yet
Dial Up VPN
Document6 pages
Dial Up VPN
AntonioMarvel
No ratings yet
Hardware
Document6 pages
Hardware
reggedwar
No ratings yet
PL2303 DriverInstallerv1.16.0 ReleaseNote
Document5 pages
PL2303 DriverInstallerv1.16.0 ReleaseNote
shaheds
No ratings yet
Basics To Configure A CISCO Router To Connect To Internet
Document4 pages
Basics To Configure A CISCO Router To Connect To Internet
Kurniawan Setyo Nugroho
No ratings yet
N-TEC Access: SIMPLEX 4100U Interface - Product Specification and Manual
Document19 pages
N-TEC Access: SIMPLEX 4100U Interface - Product Specification and Manual
Robel MT
No ratings yet
Practical 4
Document11 pages
Practical 4
riyevas163
No ratings yet
Theory:: Experiment No: 07
Document4 pages
Theory:: Experiment No: 07
Md. Humayun Kobir
No ratings yet
Apc - Cli - Ups Apc
Document50 pages
Apc - Cli - Ups Apc
Neto Santos
No ratings yet
Cybersecurity Notes
Document10 pages
Cybersecurity Notes
nikhil kannale
No ratings yet
CCNA SEC Notes
Document41 pages
CCNA SEC Notes
Suman Kumar
No ratings yet
Theory:: Experiment No: 07
Document4 pages
Theory:: Experiment No: 07
Md. Humayun Kobir
No ratings yet
SW2 Agencia Iquique#
Document35 pages
SW2 Agencia Iquique#
Diego Sebastián Pinto Selman
No ratings yet
Huawei MA5616 Service Configuration Document
Document11 pages
Huawei MA5616 Service Configuration Document
Pawan Kumar
100% (1)
29 Understanding Cisco Router Security
Document7 pages
29 Understanding Cisco Router Security
Keepmoving Nevergiveup
No ratings yet
PL2303 DriverInstallerv1.9.0 ReleaseNote
Document4 pages
PL2303 DriverInstallerv1.9.0 ReleaseNote
Marcos Ramos
No ratings yet
Important Cisco Chow Commands
Document21 pages
Important Cisco Chow Commands
Syed Rahmath Ali
No ratings yet
Seguridad de Puertos (Port Security)
Document2 pages
Seguridad de Puertos (Port Security)
Carlos Choquehuanca
No ratings yet
Cisco Catalyst 3500 Series XL Command Reference
Document346 pages
Cisco Catalyst 3500 Series XL Command Reference
digitalmick
No ratings yet
PL2303 DriverInstallerv1.16.0 ReleaseNote
Document5 pages
PL2303 DriverInstallerv1.16.0 ReleaseNote
jeffsct
No ratings yet
Lab No.2 CCN
Document6 pages
Lab No.2 CCN
Maham Akram
No ratings yet
Read Me
Document6 pages
Read Me
Angela Cherry
No ratings yet
Cisco CCNA Help Document
Document155 pages
Cisco CCNA Help Document
Miloš Davitković
No ratings yet
16.5.2 Lab - Secure Network Devices
Document5 pages
16.5.2 Lab - Secure Network Devices
Fernando Alburquerque
No ratings yet
Script Not Run 2. Problem in User Tacac 3. Create User Tacac
Document1 page
Script Not Run 2. Problem in User Tacac 3. Create User Tacac
Tika Larasati
No ratings yet
Understanding Switch Security Issues: Minimizing Service Loss and Data Theft in A Campus Network
Document17 pages
Understanding Switch Security Issues: Minimizing Service Loss and Data Theft in A Campus Network
ThanhNN0312
No ratings yet
Day1 - Network Devices
Document3 pages
Day1 - Network Devices
ozy.almondry2021
No ratings yet
PL2303 DriverInstallerv1.19.0 ReleaseNote
Document6 pages
PL2303 DriverInstallerv1.19.0 ReleaseNote
cabral
No ratings yet
11.2.4.6 Lab - Accessing Network Devices With SSH
Document6 pages
11.2.4.6 Lab - Accessing Network Devices With SSH
ParthPatel
0% (3)
Basic Switch/Router Configuration & Security (Ref Chapter 9 - ICND1)
Document26 pages
Basic Switch/Router Configuration & Security (Ref Chapter 9 - ICND1)
Kevin Sleight
No ratings yet
Cpuz Readme
Document14 pages
Cpuz Readme
edersson
No ratings yet
How To Libss7
Document12 pages
How To Libss7
Febin Wilson
No ratings yet
PLC: Programmable Logic Controller – Arktika.: EXPERIMENTAL PRODUCT BASED ON CPLD.
From Everand
PLC: Programmable Logic Controller – Arktika.: EXPERIMENTAL PRODUCT BASED ON CPLD.
MARIO FRANCO
No ratings yet
Report Types
Document2 pages
Report Types
tuancoi
No ratings yet
Websense® Content Protection Suite Endpoint Agent Installation
Document13 pages
Websense® Content Protection Suite Endpoint Agent Installation
tuancoi
No ratings yet
Final Report SAMPLE
Document27 pages
Final Report SAMPLE
tuancoi
No ratings yet
Active Memory Expansion Client 030110
Document23 pages
Active Memory Expansion Client 030110
tuancoi
No ratings yet
Websense Deployment Checklist - 1
Document7 pages
Websense Deployment Checklist - 1
tuancoi
No ratings yet
Enabling The Internet Connection: WAN Connections
Document23 pages
Enabling The Internet Connection: WAN Connections
tuancoi
No ratings yet
Troubleshooting Switch Issues: Ethernet Lans
Document12 pages
Troubleshooting Switch Issues: Ethernet Lans
tuancoi
No ratings yet
Using The Cisco SDM: LAN Connections
Document9 pages
Using The Cisco SDM: LAN Connections
tuancoi
No ratings yet
Troubleshooting Eigrp
Document8 pages
Troubleshooting Eigrp
tuancoi
No ratings yet
Implementing VLSM: Medium-Sized Routed Network Construction
Document19 pages
Implementing VLSM: Medium-Sized Routed Network Construction
tuancoi
No ratings yet
Configuring Serial Encapsulation: WAN Connections
Document23 pages
Configuring Serial Encapsulation: WAN Connections
tuancoi
No ratings yet
Troubleshooting Frame Relay Wans: LAN Extension Into A WAN
Document7 pages
Troubleshooting Frame Relay Wans: LAN Extension Into A WAN
tuancoi
No ratings yet
Breaking Smartcards Using Power Analysis: Omar Choudary (Osc22) University of Cambridge
Document13 pages
Breaking Smartcards Using Power Analysis: Omar Choudary (Osc22) University of Cambridge
bhaskar_chintakindi
No ratings yet
Access Control Specs
Document31 pages
Access Control Specs
Lawrence Magure
No ratings yet
CSC461-Objected Oriented Programming
Document52 pages
CSC461-Objected Oriented Programming
Franklyn Frank
100% (1)
Wireless Siren EN Rev-D 27-01-2010
Document16 pages
Wireless Siren EN Rev-D 27-01-2010
KaZeta Mongo
No ratings yet
Reflective Memory
Document149 pages
Reflective Memory
Marco
No ratings yet
DF Power Guide
Document74 pages
DF Power Guide
Kranthi Konduru
No ratings yet
Data Sheet Rectifier PSR327 220VDC PDF
Document2 pages
Data Sheet Rectifier PSR327 220VDC PDF
Iancu Constantin
No ratings yet
Gps Tracker ST 901 Manual
Document8 pages
Gps Tracker ST 901 Manual
Koshila Senanayake
No ratings yet
Art Matching PDF
Document2 pages
Art Matching PDF
Kemboya Luigi
No ratings yet
Project Report (Parallel SM - NW) PDF
Document21 pages
Project Report (Parallel SM - NW) PDF
shashwat
No ratings yet
View Job Posting Details
Document3 pages
View Job Posting Details
IMEDITA INDIA
No ratings yet
Micro Controllers
Document2 pages
Micro Controllers
Suhil Shaik
0% (1)
53 1000114 02 FOS Password Recovery PDF
Document14 pages
53 1000114 02 FOS Password Recovery PDF
kenjiro08
No ratings yet
Nmos I-V Characteristic
Document10 pages
Nmos I-V Characteristic
vinayvpalekar
No ratings yet
EXFO Reference-Poster Raman V1 en
Document3 pages
EXFO Reference-Poster Raman V1 en
Boy Tai Hin
No ratings yet
Ug994 Vivado Ip Subsystems
Document263 pages
Ug994 Vivado Ip Subsystems
MiNi Chu
No ratings yet
RC 1978 06
Document46 pages
RC 1978 06
Jan Pran
No ratings yet
1394308827-Impressora de Etiquetas LB-1000 Manual 03 Manual Software Bartender
Document55 pages
1394308827-Impressora de Etiquetas LB-1000 Manual 03 Manual Software Bartender
MILTON LOPES
No ratings yet
PPL 50 Programs
Document76 pages
PPL 50 Programs
Anjali Thakur
No ratings yet
Balanza Cas PR II Usb Folleto
Document2 pages
Balanza Cas PR II Usb Folleto
Alexander Sira Wanqara
No ratings yet
Pioneer3AT P3AT RevA
Document2 pages
Pioneer3AT P3AT RevA
Chú Cá Con
No ratings yet
TRB Answer Key
Document70 pages
TRB Answer Key
Vskm Nagarajan Muthuragavan
No ratings yet
MBA 00013 03 CTU Operation Manual PDF
Document44 pages
MBA 00013 03 CTU Operation Manual PDF
Claudio Torres
No ratings yet
Application To Monitoring A USB Control With Pytho
Document7 pages
Application To Monitoring A USB Control With Pytho
Lucas Renato Trevisan
No ratings yet
Release Notes: Postgres Plus® Standard Server v9.0
Document14 pages
Release Notes: Postgres Plus® Standard Server v9.0
flaviocarmo
No ratings yet
APIGateway ConceptsGuide allOS en PDF
Document44 pages
APIGateway ConceptsGuide allOS en PDF
ryandunksfamz
No ratings yet