TCP/SYN Attack – use ACL to allow traffic from TCP connections that were established from the internal network and block packets from an external network.


1 TCP/SYN Attack – use an ACL to allow traffic from TCP connections that were established from the internal network and block packets from an external network that have only the SYN flag set (DoS). Verify that the security policy specifies how ACLs will be implemented to support the secure processing environment. Consult the reference material for a more thorough narrative on ACL best practices.
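As an added illustration of the ACL described on this slide (example configuration, not taken from the presentation), the following Cisco IOS extended ACL permits only TCP segments that belong to connections opened from the inside and drops inbound packets that carry just the SYN flag. The interface name and the 192.0.2.0/24 internal network are assumptions.

```cisco
! Extended ACL applied inbound on the untrusted (outside) interface.
! The 'established' keyword matches TCP segments with the ACK or RST bit set,
! i.e. replies to connections that were initiated from inside. A connection
! request from outside carries only SYN, matches neither permit, and is denied.
ip access-list extended OUTSIDE-IN
 permit tcp any 192.0.2.0 0.0.0.255 established
 deny   tcp any 192.0.2.0 0.0.0.255 log
 deny   ip any any log
!
interface GigabitEthernet0/0
 description Outside / untrusted link (assumed name)
 ip access-group OUTSIDE-IN in
!
! Review commands for the config audit
show ip access-lists OUTSIDE-IN
show ip interface GigabitEthernet0/0 | include access list
```

`established` is a stateless check on flag bits only: it does not track connections, so any packet with ACK set is admitted regardless of whether a session exists. It is adequate for the SYN-flood scenario the slide describes, but for full inbound filtering the reference material's recommendation of a stateful mechanism (reflexive ACLs or the zone-based firewall) should be reviewed alongside it. The `log` keyword on the deny entries gives the operations team counters and syslog entries to verify the ACL is actually matching traffic.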

2 Routing protocols – gather information about available networks. OSPF, BGP and RIP are IETF standards; IS-IS is an ISO standard; EIGRP is Cisco proprietary. Authenticated router updates ensure that update messages came from legitimate sources; bogus messages are automatically discarded. Configure passive interfaces to prevent update distribution. Review the configuration to verify implementation.

3 Cisco Discovery Protocol (CDP) – Cisco proprietary protocol that provides the capability for sharing system information between Cisco products. If this information is not required for operational needs, it should be disabled. Review the config to verify that CDP is disabled.
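The routing-protocol slide and the CDP slide above both come down to a handful of configuration lines. The following Cisco IOS fragment, added here as an example and not part of the presentation, shows authenticated OSPF and BGP updates, passive interfaces everywhere except the one real neighbor link, and CDP disabled globally. Interface names, process numbers, AS numbers and addresses are assumptions, and the key strings are placeholders to be replaced from a secrets store.

```cisco
! OSPF: every interface is passive by default, so hellos and updates leave only
! on the link that actually faces a neighbor. Area 0 requires MD5-authenticated
! packets; anything without a valid digest is discarded.
router ospf 10
 router-id 10.0.0.1
 passive-interface default
 no passive-interface GigabitEthernet0/1
 area 0 authentication message-digest
 network 10.0.0.0 0.0.255.255 area 0
!
interface GigabitEthernet0/1
 description Link to core router (assumed)
 ip ospf message-digest-key 1 md5 REPLACE-WITH-SECRET-FROM-VAULT
!
! BGP: authenticate the TCP session with each external peer (doc ASNs/addresses).
router bgp 64496
 neighbor 203.0.113.1 remote-as 64497
 neighbor 203.0.113.1 password REPLACE-WITH-SECRET-FROM-VAULT
!
! CDP: off globally. If a specific port must advertise to an IP phone or other
! Cisco neighbor, re-enable it there only with 'cdp enable' under the interface.
no cdp run
!
! Review commands for the config audit
show ip ospf interface brief
show ip ospf neighbor
show ip bgp summary
show cdp
```

When reviewing, `show ip ospf interface brief` lists which interfaces are passive and which have authentication configured, `show ip ospf neighbor` should show only the expected adjacency on GigabitEthernet0/1, and `show cdp` reports that CDP is not enabled. MD5 is what the slide refers to as authenticated updates; where the platform supports OSPF key chains with HMAC-SHA, prefer those over MD5 and rotate the keys through the key-chain lifetimes.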

4 Port Security – no security by default. All switch ports or interfaces should be secured before the switch is deployed. If a port is not being used, configure it as shutdown. MAC addresses are learned dynamically by default and are not saved in the config file. Static entries are manually entered for each port and saved in the running configuration. Sticky entries are similar to static entries except that they are dynamically learned and are saved in the config.

5 Each active port can be restricted by a maximum MAC address count with an action selected for any violations.

6 Verify that policy establishes minimum security requirements for port security. Verify that unused ports are disabled. Verify that active ports are restricted by a maximum MAC address count. Verify that the action selected for any violations is based on established policy requirements.
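Slides 4 through 6 describe one procedure: shut unused ports, restrict active ports to a MAC count, and pick a violation action that matches policy. The following Cisco IOS example (added here; it is not the presentation's own material) carries that procedure through for a small range of ports and ends with the commands used to verify it. Port numbers, VLAN numbers, the static MAC address and the blackhole VLAN are all constructed for the example.

```cisco
! Unused ports: administratively down and parked in an unused "blackhole" VLAN
! (999, assumed) so that accidentally re-enabling one does not land it in VLAN 1.
vlan 999
 name BLACKHOLE-UNUSED
!
interface range GigabitEthernet1/0/20 - 24
 description UNUSED
 switchport mode access
 switchport access vlan 999
 shutdown
!
! Static entry: exactly one known host is allowed on this port; the address is
! typed in by the administrator and kept in the running configuration.
interface GigabitEthernet1/0/1
 description Printer (constructed MAC address)
 switchport mode access
 switchport access vlan 10
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address 0011.2233.4455
 switchport port-security violation shutdown
!
! Sticky entry: the first MAC seen is learned dynamically but written into the
! running configuration as if it had been typed in. 'shutdown' err-disables the
! port on a violation; 'restrict' would drop offending frames and raise a log
! entry while leaving the port up, if that is what policy requires.
interface GigabitEthernet1/0/2
 description User workstation
 switchport mode access
 switchport access vlan 10
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address sticky
 switchport port-security violation shutdown
!
! Optional: recover err-disabled ports automatically after 5 minutes so a
! one-off violation does not require a manual visit.
errdisable recovery cause psecure-violation
errdisable recovery interval 300
!
! Review commands for the config audit
show interfaces status
show port-security
show port-security interface GigabitEthernet1/0/2
show port-security address
```

`show interfaces status` confirms the unused range is `disabled`; `show port-security` lists each secured port with its maximum count, current count, violation count and configured action, which maps directly onto the four verification points on slide 6. Sticky addresses appear in the running configuration only, so `copy running-config startup-config` must follow, otherwise a reload discards them and the port falls back to learning whatever plugs in first.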

7 A Virtual Local Area Network (VLAN) is a broadcast domain configured in the switch. All members of a VLAN are grouped logically into the same broadcast domain independent of their physical location. Routing is required for communication among members of different VLANs.

8 Cisco switches use VLAN 1 as the default VLAN to assign to their ports, including the management ports. Protocols such as CDP and VTP need to be sent on a specific VLAN, VLAN 1. VLAN 1 may span the entire network, which provides attackers easier access and extended reach for their attacks.
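The mitigation that follows from the VLAN 1 slide is to keep VLAN 1 empty: user ports, management and the trunk native VLAN all move to VLANs created for the purpose. The Cisco IOS fragment below is an added example, not from the presentation; VLAN numbers, the management address and the uplink port are assumptions.

```cisco
! Dedicated VLANs so nothing of value rides on VLAN 1.
vlan 10
 name USERS
vlan 99
 name MGMT
vlan 999
 name NATIVE-UNUSED
!
! Keep VTP from propagating (or accepting) VLAN databases across the domain.
vtp mode transparent
!
! Management interface on its own VLAN; the VLAN 1 SVI is left without an
! address and shut down so the switch cannot be managed from the default VLAN.
interface Vlan1
 no ip address
 shutdown
!
interface Vlan99
 description Management SVI (assumed address)
 ip address 10.99.0.2 255.255.255.0
!
! Uplink trunk: explicit trunk mode with DTP negotiation off, an unused native
! VLAN, and an allowed list that carries only the VLANs this switch needs.
! VLAN 1 is not in the list, so it no longer spans the network over this link.
interface GigabitEthernet1/0/48
 description Uplink to distribution (assumed)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,99
!
! Review commands for the config audit
show vlan brief
show interfaces trunk
show interfaces Vlan1
```

`switchport trunk encapsulation dot1q` is only accepted on platforms that also support ISL; on switches that are 802.1Q-only it is omitted. `show interfaces trunk` shows the native VLAN and the allowed and active VLAN lists per trunk, which is the quickest way to confirm that VLAN 1 is not being carried between switches; `show vlan brief` should show no user ports left in VLAN 1.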

