Eric Vyncke has a master’s degree in computer science engineering from the University of Liège in Belgium. He
worked as a research assistant at the same university before joining Network Research Belgium, where he was
head of R&D. He then joined Siemens as a project manager for security projects, including a proxy firewall. Since
1997, he has worked for Cisco as a distinguished consulting engineer and technical consultant for security covering
Europe. For 20 years, Eric’s area of expertise has been security from Layer 2 to the application layer. He is also a
guest professor at some Belgian universities for security seminars and a frequent speaker at security events (such
as Networkers at Cisco Live and the RSA Conference).
Christopher Paggen joined Cisco in 1996 and has since held various positions gravitating around LAN switching
and security technologies. Most recently, he has been in charge of defining product requirements for the company’s
current and future high-end firewalls. Christopher holds several U.S. patents, one of which pertains to Dynamic ARP
Inspection (DAI). Christopher, CCIE No. 2659, also holds a B.S. in computer science from HEMES (Belgium)
and went on to study economics at UMH (Belgium) for two more years.
Introduction | p. xix |
Vulnerabilities and Mitigation Techniques | p. 3 |
Introduction to Security | p. 5 |
Security Triad | p. 5 |
Confidentiality | p. 6 |
Integrity | p. 7 |
Availability | p. 8 |
Reverse Security Triad | p. 8 |
Risk Management | p. 8 |
Risk Analysis | p. 9 |
Risk Control | p. 10 |
Access Control and Identity Management | p. 10 |
Cryptography | p. 11 |
Symmetric Cryptosystems | p. 13 |
Symmetric Encryption | p. 13 |
Hashing Functions | p. 13 |
Hash Message Authentication Code | p. 14 |
Asymmetric Cryptosystems | p. 15 |
Confidentiality with Asymmetric Cryptosystems | p. 16 |
Integrity and Authentication with Asymmetric Cryptosystems | p. 17 |
Key Distribution and Certificates | p. 18 |
Attacks Against Cryptosystems | p. 19 |
Summary | p. 21 |
References | p. 21 |
Defeating a Learning Bridge’s Forwarding Process | p. 23 |
Back to Basics: Ethernet Switching | p. 23 |
Ethernet Frame Formats | p. 23 |
Learning Bridge | p. 24 |
Consequences of Excessive Flooding | p. 26 |
Exploiting the Bridging Table: MAC Flooding Attacks | p. 27 |
Forcing an Excessive Flooding Condition | p. 28 |
Introducing the macof Tool | p. 30 |
MAC Flooding Alternative: MAC Spoofing Attacks | p. 34 |
Not Just Theory | p. 35 |
Preventing MAC Flooding and Spoofing Attacks | p. 36 |
Detecting MAC Activity | p. 36 |
Port Security | p. 37 |
Unknown Unicast Flooding Protection | p. 39 |
Summary | p. 40 |
References | p. 41 |
Attacking the Spanning Tree Protocol | p. 43 |
Introducing Spanning Tree Protocol | p. 43 |
Types of STP | p. 46 |
Understanding 802.1D and 802.1Q Common STP | p. 46 |
Understanding 802.1w Rapid STP | p. 46 |
Understanding 802.1s Multiple STP | p. 47 |
STP Operation: More Details | p. 47 |
Let the Games Begin! | p. 53 |
Attack 1: Taking Over the Root Bridge | p. 55 |
Root Guard | p. 58 |
BPDU-Guard | p. 58 |
Attack 2: DoS Using a Flood of Config BPDUs | p. 60 |
BPDU-Guard | p. 62 |
BPDU Filtering | p. 62 |
Layer 2 PDU Rate Limiter | p. 63 |
Attack 3: DoS Using a Flood of Config BPDUs | p. 63 |
Attack 4: Simulating a Dual-Homed Switch | p. 63 |
Summary | p. 64 |
References | p. 65 |
Are VLANS Safe? | p. 67 |
IEEE 802.1Q Overview | p. 67 |
Frame Classification | p. 68 |
Go Native | p. 69 |
Attack of the 802.1Q Tag Stack | p. 71 |
Understanding Cisco Dynamic Trunking Protocol | p. 76 |
Crafting a DTP Attack | p. 76 |
Countermeasures to DTP Attacks | p. 80 |
Understanding Cisco VTP | p. 80 |
VTP Vulnerabilities | p. 81 |
Summary | p. 82 |
References | p. 82 |
Leveraging DHCP Weaknesses | p. 85 |
DHCP Overview | p. 85 |
Attacks Against DHCP | p. 89 |
DHCP Scope Exhaustion: DoS Attack Against DHCP | p. 89 |
Yersinia | p. 89 |
Gobbler | p. 90 |
Hijacking Traffic Using DHCP Rogue Servers | p. 92 |
Countermeasures to DHCP Exhaustion Attacks | p. 93 |
Port Security | p. 94 |
Introducing DHCP Snooping | p. 96 |
Rate-Limiting DHCP Messages per Port | p. 97 |
DHCP Message Validation | p. 97 |
DHCP Snooping with Option 82 | p. 99 |
Tips for Deploying DHCP Snooping | p. 99 |
Tips for Switches That Do Not Support DHCP Snooping | p. 100 |
DHCP Snooping Against IP/MAC Spoofing Attacks | p. 100 |
Summary | p. 103 |
References | p. 103 |
Exploiting IPv4 ARP | p. 105 |
Back to ARP Basics | p. 105 |
Normal ARP Behavior | p. 105 |
Gratuitous ARP | p. 107 |
Risk Analysis for ARP | p. 108 |
ARP Spoofing Attack | p. 108 |
Elements of an ARP Spoofing Attack | p. 109 |
Mounting an ARP Spoofing Attack | p. 111 |
Mitigating an ARP Spoofing Attack | p. 112 |
Dynamic ARP Inspection | p. 112 |
DAI in Cisco IOS | p. 112 |
DAI in CatOS | p. 115 |
Protecting the Hosts | p. 115 |
Intrusion Detection | p. 116 |
Mitigating Other ARP Vulnerabilities | p. 117 |
Summary | p. 118 |
References | p. 118 |
Exploiting IPv6 Neighbor Discovery and Router Advertisement | p. 121 |
Introduction to IPv6 | p. 121 |
Motivation for IPv6 | p. 121 |
What Does IPv6 Change? | p. 122 |
Table of Contents provided by Publisher. All Rights Reserved. |