SlideShare a Scribd company logo

DNS play an important role in a network. It is therefore important f.pdf

A
arpitcollections

DNS play an important role in a network. It is therefore important for the information in a DNS table to be protected from authorized modification. Write your paper on protecting the information in a DNS table. Solution The DNS protocol leverages the User Datagram Protocol (UDP) for the majority of its operations. UDP is a connectionless protocol and, as such, it can be easily spoofed. Many of the attacks described in this document rely on spoofing to be successful. Several security controls can be implemented to limit spoofing. These controls are described in the following sections. Unicast Reverse Path Forwarding Unicast Reverse Path Forwarding (Unicast RPF) is a feature that can reduce the effectiveness of packets with spoofed source addresses. A network device using Unicast RPF evaluates the source of each IP packet against its local routing table in order to determine source address validity. While it can detect and filter some spoofed traffic, Unicast RPF does not provide complete protection against spoofing because spoofed and valid packets with the same source address may arrive on the same interface. Unicast RPF operates in two modes: strict and loose. In strict mode, the Unicast RPF feature uses the local routing table to determine if the source address within a packet is reachable through the interface on which the packet was received. If it is reachable, the packet is permitted; if it was not, the packet is dropped. Strict mode Unicast RPF is best deployed on network boundaries where traffic asymmetry is not prevalent. Strict mode Unicast RPF is enabled on Cisco IOS devices using the interface configuration command ip verify unicast source reachable-via rx; the previous format of this command was ip verify unicast reverse-path. Strict mode Unicast RPF can be enabled on the Cisco PIX, ASA, and FWSM firewalls using the ip verify reverse-path interface interface configuration command. In loose mode Unicast RPF, if the source address of a packet is reachable through any interface on the Unicast RPF enabled device, the packet is permitted. If the source address of the IP packet is not present in the routing table, the packet is dropped. Loose mode Unicast RPF can be enabled on Cisco IOS devices using the ip verify source reachable-via any interface configuration command; loose mode Unicast RPF is not available on Cisco PIX, ASA or FWSM firewalls. More information about Unicast RPF is available in the Applied Intelligence Understanding Unicast Reverse Path Forwarding white paper. IP Source Guard IP source guard is a Layer 2 security feature that builds upon Unicast RPF and DHCP snooping to filter spoofed traffic on individual switch ports. DHCP snooping, which is a prerequisite of IP source guard, inspects DHCP traffic within a VLAN to understand which IP addresses have been assigned to which network devices on which physical switch port. Once this information has been gathered and stored in the DHCP snooping bindings table, IP source g.

Education
1 of 2
Download to read offline
DNS play an important role in a network. It is therefore important for the information in a DNS table to be protected from authorized modification. Write your paper on protecting the information in a DNS table. Solution The DNS protocol leverages the User Datagram Protocol (UDP) for the majority of its operations. UDP is a connectionless protocol and, as such, it can be easily spoofed. Many of the attacks described in this document rely on spoofing to be successful. Several security controls can be implemented to limit spoofing. These controls are described in the following sections. Unicast Reverse Path Forwarding Unicast Reverse Path Forwarding (Unicast RPF) is a feature that can reduce the effectiveness of packets with spoofed source addresses. A network device using Unicast RPF evaluates the source of each IP packet against its local routing table in order to determine source address validity. While it can detect and filter some spoofed traffic, Unicast RPF does not provide complete protection against spoofing because spoofed and valid packets with the same source address may arrive on the same interface. Unicast RPF operates in two modes: strict and loose. In strict mode, the Unicast RPF feature uses the local routing table to determine if the source address within a packet is reachable through the interface on which the packet was received. If it is reachable, the packet is permitted; if it was not, the packet is dropped. Strict mode Unicast RPF is best deployed on network boundaries where traffic asymmetry is not prevalent. Strict mode Unicast RPF is enabled on Cisco IOS devices using the interface configuration command ip verify unicast source reachable-via rx; the previous format of this command was ip verify unicast reverse-path. Strict mode Unicast RPF can be enabled on the Cisco PIX, ASA, and FWSM firewalls using the ip verify reverse-path interface interface configuration command. In loose mode Unicast RPF, if the source address of a packet is reachable through any interface on the Unicast RPF enabled device, the packet is permitted. If the source address of the IP packet is not present in the routing table, the packet is dropped. Loose mode Unicast RPF can be enabled on Cisco IOS devices using the ip verify source reachable-via any interface configuration command; loose mode Unicast RPF is not available on Cisco PIX, ASA or FWSM firewalls. More information about Unicast RPF is available in the Applied Intelligence Understanding Unicast Reverse Path Forwarding white paper.
IP Source Guard IP source guard is a Layer 2 security feature that builds upon Unicast RPF and DHCP snooping to filter spoofed traffic on individual switch ports. DHCP snooping, which is a prerequisite of IP source guard, inspects DHCP traffic within a VLAN to understand which IP addresses have been assigned to which network devices on which physical switch port. Once this information has been gathered and stored in the DHCP snooping bindings table, IP source guard is able to leverage it to filter IP packets received by a network device. If a packet is received with a source address that does not match the DHCP snooping bindings table, the packet is dropped. The implementation of IP source guard within the access layer of a network can effectively eliminate the origination of spoofed IP traffic. However, because it requires DHCP to remain manageable, it is not possible to deploy IP source guard on internal-to-external network boundaries.

Recommended

ccna presentation 2013
ccna presentation 2013ccna presentation 2013
ccna presentation 2013RoHit VashIsht
 
IRJET- Constructing Inter Domain Packet Filter for Controlling IP Spoofing
IRJET- Constructing Inter Domain Packet Filter for Controlling IP SpoofingIRJET- Constructing Inter Domain Packet Filter for Controlling IP Spoofing
IRJET- Constructing Inter Domain Packet Filter for Controlling IP SpoofingIRJET Journal
 
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisonsAPNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisonsSiena Perry
 
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisonsAPNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisonsAPNIC
 
NAT_Final
NAT_FinalNAT_Final
NAT_FinalPratik Bhide
 
Attachment 11 use of common analyzing and positioning tools
Attachment 11 use of common analyzing and positioning toolsAttachment 11 use of common analyzing and positioning tools
Attachment 11 use of common analyzing and positioning toolsChristian Silva Espinoza
 
Basic Introduction to Technology (networking).pdf
Basic Introduction to Technology (networking).pdfBasic Introduction to Technology (networking).pdf
Basic Introduction to Technology (networking).pdftthind
 
Ospf
OspfOspf
OspfJoshua Fonseca
 

Recommended

ccna presentation 2013
ccna presentation 2013ccna presentation 2013
ccna presentation 2013RoHit VashIsht
 
IRJET- Constructing Inter Domain Packet Filter for Controlling IP Spoofing
IRJET- Constructing Inter Domain Packet Filter for Controlling IP SpoofingIRJET- Constructing Inter Domain Packet Filter for Controlling IP Spoofing
IRJET- Constructing Inter Domain Packet Filter for Controlling IP SpoofingIRJET Journal
 
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisonsAPNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisonsSiena Perry
 
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisonsAPNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisonsAPNIC
 
NAT_Final
NAT_FinalNAT_Final
NAT_FinalPratik Bhide
 
Attachment 11 use of common analyzing and positioning tools
Attachment 11 use of common analyzing and positioning toolsAttachment 11 use of common analyzing and positioning tools
Attachment 11 use of common analyzing and positioning toolsChristian Silva Espinoza
 
Basic Introduction to Technology (networking).pdf
Basic Introduction to Technology (networking).pdfBasic Introduction to Technology (networking).pdf
Basic Introduction to Technology (networking).pdftthind
 
Ospf
OspfOspf
OspfJoshua Fonseca
 
ccna networking ppt
ccna networking pptccna networking ppt
ccna networking pptEr. Anmol Bhagat
 
D017131318
D017131318D017131318
D017131318IOSR Journals
 
Security Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksSecurity Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksIOSR Journals
 
Ospf
OspfOspf
Ospfgopi1985
 
CisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsecCisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsecAreaNetworking.it
 
D1-Abdelsalam.pdf
D1-Abdelsalam.pdfD1-Abdelsalam.pdf
D1-Abdelsalam.pdfssuser8139dc
 
How to configure the basic OSPF?
How to configure the basic OSPF?How to configure the basic OSPF?
How to configure the basic OSPF?E-Lins Technology Co. Ltd.
 
Ip sec
Ip secIp sec
Ip secShiva Krishna Chandra Shekar
 
Comparing ospf vs isis
Comparing ospf vs isisComparing ospf vs isis
Comparing ospf vs isisrushi7567
 
OSPFv3_Technology_White_Paper.pdf
OSPFv3_Technology_White_Paper.pdfOSPFv3_Technology_White_Paper.pdf
OSPFv3_Technology_White_Paper.pdfDenis Rasskazov
 
CCNA FUNDAMENTAL
CCNA FUNDAMENTALCCNA FUNDAMENTAL
CCNA FUNDAMENTALEr Aadarsh Srivastava
 
Network virtualization beyond vla ns-part2
Network virtualization beyond vla ns-part2Network virtualization beyond vla ns-part2
Network virtualization beyond vla ns-part2IT Tech
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laShainaBoling829
 
Lan Network with Redundancy.ppt
Lan Network with Redundancy.pptLan Network with Redundancy.ppt
Lan Network with Redundancy.pptSantanu Mukhopadhyay
 
Lan Network with Redundancy
Lan Network with RedundancyLan Network with Redundancy
Lan Network with RedundancySantanu Mukherjee
 
Networking interview questions
Networking interview questionsNetworking interview questions
Networking interview questionszahadath
 
Firewall & its Services
Firewall & its ServicesFirewall & its Services
Firewall & its ServicesNavdeep Dhingra
 
Network Layer Protocol.pptx
Network Layer Protocol.pptxNetwork Layer Protocol.pptx
Network Layer Protocol.pptxSeekayAlaisKaruppaia
 
Network interview questions
Network interview questionsNetwork interview questions
Network interview questionsrajasekar1712
 
OSPF by Abdullah Mukhtar
OSPF by Abdullah MukhtarOSPF by Abdullah Mukhtar
OSPF by Abdullah MukhtarAbdullah Mukhtar
 
How has the rise of telehealth broadened the possibilities of what i.pdf
How has the rise of telehealth broadened the possibilities of what i.pdfHow has the rise of telehealth broadened the possibilities of what i.pdf
How has the rise of telehealth broadened the possibilities of what i.pdfarpitcollections
 
how do you convert analog signals to digital signalsSolutionTh.pdf
how do you convert analog signals to digital signalsSolutionTh.pdfhow do you convert analog signals to digital signalsSolutionTh.pdf
how do you convert analog signals to digital signalsSolutionTh.pdfarpitcollections
 

More Related Content

Similar to DNS play an important role in a network. It is therefore important f.pdf

Security Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksSecurity Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksIOSR Journals
 
CisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsecCisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsecAreaNetworking.it
 
Comparing ospf vs isis
Comparing ospf vs isisComparing ospf vs isis
Comparing ospf vs isisrushi7567
 
OSPFv3_Technology_White_Paper.pdf
OSPFv3_Technology_White_Paper.pdfOSPFv3_Technology_White_Paper.pdf
OSPFv3_Technology_White_Paper.pdfDenis Rasskazov
 
Network virtualization beyond vla ns-part2
Network virtualization beyond vla ns-part2Network virtualization beyond vla ns-part2
Network virtualization beyond vla ns-part2IT Tech
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laShainaBoling829
 
Networking interview questions
Networking interview questionsNetworking interview questions
Networking interview questionszahadath
 
Network interview questions
Network interview questionsNetwork interview questions
Network interview questionsrajasekar1712
 

Similar to DNS play an important role in a network. It is therefore important f.pdf (20)

ccna networking ppt
ccna networking pptccna networking ppt
ccna networking ppt
 
D017131318
D017131318D017131318
D017131318
 
Security Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksSecurity Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration Networks
 
Ospf
OspfOspf
Ospf
 
CisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsecCisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsec
 
D1-Abdelsalam.pdf
D1-Abdelsalam.pdfD1-Abdelsalam.pdf
D1-Abdelsalam.pdf
 
How to configure the basic OSPF?
How to configure the basic OSPF?How to configure the basic OSPF?
How to configure the basic OSPF?
 
Ip sec
Ip secIp sec
Ip sec
 
Comparing ospf vs isis
Comparing ospf vs isisComparing ospf vs isis
Comparing ospf vs isis
 
OSPFv3_Technology_White_Paper.pdf
OSPFv3_Technology_White_Paper.pdfOSPFv3_Technology_White_Paper.pdf
OSPFv3_Technology_White_Paper.pdf
 
CCNA FUNDAMENTAL
CCNA FUNDAMENTALCCNA FUNDAMENTAL
CCNA FUNDAMENTAL
 
Network virtualization beyond vla ns-part2
Network virtualization beyond vla ns-part2Network virtualization beyond vla ns-part2
Network virtualization beyond vla ns-part2
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and la
 
Lan Network with Redundancy.ppt
Lan Network with Redundancy.pptLan Network with Redundancy.ppt
Lan Network with Redundancy.ppt
 
Lan Network with Redundancy
Lan Network with RedundancyLan Network with Redundancy
Lan Network with Redundancy
 
Networking interview questions
Networking interview questionsNetworking interview questions
Networking interview questions
 
Firewall & its Services
Firewall & its ServicesFirewall & its Services
Firewall & its Services
 
Network Layer Protocol.pptx
Network Layer Protocol.pptxNetwork Layer Protocol.pptx
Network Layer Protocol.pptx
 
Network interview questions
Network interview questionsNetwork interview questions
Network interview questions
 
OSPF by Abdullah Mukhtar
OSPF by Abdullah MukhtarOSPF by Abdullah Mukhtar
OSPF by Abdullah Mukhtar
 

More from arpitcollections

How has the rise of telehealth broadened the possibilities of what i.pdf
How has the rise of telehealth broadened the possibilities of what i.pdfHow has the rise of telehealth broadened the possibilities of what i.pdf
How has the rise of telehealth broadened the possibilities of what i.pdfarpitcollections
 
how do you convert analog signals to digital signalsSolutionTh.pdf
how do you convert analog signals to digital signalsSolutionTh.pdfhow do you convert analog signals to digital signalsSolutionTh.pdf
how do you convert analog signals to digital signalsSolutionTh.pdfarpitcollections
 
Fair TradeoffsIf they want to work for us … they must see that t.pdf
Fair TradeoffsIf they want to work for us … they must see that t.pdfFair TradeoffsIf they want to work for us … they must see that t.pdf
Fair TradeoffsIf they want to work for us … they must see that t.pdfarpitcollections
 
Direction of shell coiling in Lymnaeaperegra is strongly and most di.pdf
Direction of shell coiling in Lymnaeaperegra is strongly and most di.pdfDirection of shell coiling in Lymnaeaperegra is strongly and most di.pdf
Direction of shell coiling in Lymnaeaperegra is strongly and most di.pdfarpitcollections
 
f(x) = 2x^2 = f(x) = 2x^2 original function f(x) = x^2 Describe the.pdf
f(x) = 2x^2 = f(x) = 2x^2 original function f(x) = x^2 Describe the.pdff(x) = 2x^2 = f(x) = 2x^2 original function f(x) = x^2 Describe the.pdf
f(x) = 2x^2 = f(x) = 2x^2 original function f(x) = x^2 Describe the.pdfarpitcollections
 
Describe the quaternary structure of insulin, including disulfide bo.pdf
Describe the quaternary structure of insulin, including disulfide bo.pdfDescribe the quaternary structure of insulin, including disulfide bo.pdf
Describe the quaternary structure of insulin, including disulfide bo.pdfarpitcollections
 
Discuss the components and purpose of types of leaves-of-absence, in.pdf
Discuss the components and purpose of types of leaves-of-absence, in.pdfDiscuss the components and purpose of types of leaves-of-absence, in.pdf
Discuss the components and purpose of types of leaves-of-absence, in.pdfarpitcollections
 
Compare and contrast the properties of a centralized and a distribut.pdf
Compare and contrast the properties of a centralized and a distribut.pdfCompare and contrast the properties of a centralized and a distribut.pdf
Compare and contrast the properties of a centralized and a distribut.pdfarpitcollections
 
Baby Billy-Bob has a difficult infant temperament.His parents try .pdf
Baby Billy-Bob has a difficult infant temperament.His parents try .pdfBaby Billy-Bob has a difficult infant temperament.His parents try .pdf
Baby Billy-Bob has a difficult infant temperament.His parents try .pdfarpitcollections
 
A plane left at 3pm flying west at 450 miles per hour. At 330 pm an.pdf
A plane left at 3pm flying west at 450 miles per hour. At 330 pm an.pdfA plane left at 3pm flying west at 450 miles per hour. At 330 pm an.pdf
A plane left at 3pm flying west at 450 miles per hour. At 330 pm an.pdfarpitcollections
 
A man with polydacytly, an autosomal dominant trait, marries a woman.pdf
A man with polydacytly, an autosomal dominant trait, marries a woman.pdfA man with polydacytly, an autosomal dominant trait, marries a woman.pdf
A man with polydacytly, an autosomal dominant trait, marries a woman.pdfarpitcollections
 
1. Marvin is the executor and some heir of his aunts estate. The e.pdf
1. Marvin is the executor and some heir of his aunts estate. The e.pdf1. Marvin is the executor and some heir of his aunts estate. The e.pdf
1. Marvin is the executor and some heir of his aunts estate. The e.pdfarpitcollections
 
___ is a type of homoplasy that reflects the independent evolution o.pdf
___ is a type of homoplasy that reflects the independent evolution o.pdf___ is a type of homoplasy that reflects the independent evolution o.pdf
___ is a type of homoplasy that reflects the independent evolution o.pdfarpitcollections
 
Year-end interfund receivable or payable balances will appear in the.pdf
Year-end interfund receivable or payable balances will appear in the.pdfYear-end interfund receivable or payable balances will appear in the.pdf
Year-end interfund receivable or payable balances will appear in the.pdfarpitcollections
 
Which isare true regarding the lipid bilayerA. It is modeled as .pdf
Which isare true regarding the lipid bilayerA. It is modeled as .pdfWhich isare true regarding the lipid bilayerA. It is modeled as .pdf
Which isare true regarding the lipid bilayerA. It is modeled as .pdfarpitcollections
 
Which statement describes a similarity between the diploid and haplo.pdf
Which statement describes a similarity between the diploid and haplo.pdfWhich statement describes a similarity between the diploid and haplo.pdf
Which statement describes a similarity between the diploid and haplo.pdfarpitcollections
 
Which of the following isareTRUEI. A field can possess zero divi.pdf
Which of the following isareTRUEI. A field can possess zero divi.pdfWhich of the following isareTRUEI. A field can possess zero divi.pdf
Which of the following isareTRUEI. A field can possess zero divi.pdfarpitcollections
 
Which of the groups below are hydrophobic Hydrophilic Explain .pdf
Which of the groups below are hydrophobic Hydrophilic Explain .pdfWhich of the groups below are hydrophobic Hydrophilic Explain .pdf
Which of the groups below are hydrophobic Hydrophilic Explain .pdfarpitcollections
 
Which function has a domain of all real numbers A. y = secx B. y =.pdf
Which function has a domain of all real numbers A. y = secx B. y =.pdfWhich function has a domain of all real numbers A. y = secx B. y =.pdf
Which function has a domain of all real numbers A. y = secx B. y =.pdfarpitcollections
 
When 3013 adults were survery in a poll, 73 said they use the Inter.pdf
When 3013 adults were survery in a poll, 73 said they use the Inter.pdfWhen 3013 adults were survery in a poll, 73 said they use the Inter.pdf
When 3013 adults were survery in a poll, 73 said they use the Inter.pdfarpitcollections
 

More from arpitcollections (20)

How has the rise of telehealth broadened the possibilities of what i.pdf
How has the rise of telehealth broadened the possibilities of what i.pdfHow has the rise of telehealth broadened the possibilities of what i.pdf
How has the rise of telehealth broadened the possibilities of what i.pdf
 
how do you convert analog signals to digital signalsSolutionTh.pdf
how do you convert analog signals to digital signalsSolutionTh.pdfhow do you convert analog signals to digital signalsSolutionTh.pdf
how do you convert analog signals to digital signalsSolutionTh.pdf
 
Fair TradeoffsIf they want to work for us … they must see that t.pdf
Fair TradeoffsIf they want to work for us … they must see that t.pdfFair TradeoffsIf they want to work for us … they must see that t.pdf
Fair TradeoffsIf they want to work for us … they must see that t.pdf
 
Direction of shell coiling in Lymnaeaperegra is strongly and most di.pdf
Direction of shell coiling in Lymnaeaperegra is strongly and most di.pdfDirection of shell coiling in Lymnaeaperegra is strongly and most di.pdf
Direction of shell coiling in Lymnaeaperegra is strongly and most di.pdf
 
f(x) = 2x^2 = f(x) = 2x^2 original function f(x) = x^2 Describe the.pdf
f(x) = 2x^2 = f(x) = 2x^2 original function f(x) = x^2 Describe the.pdff(x) = 2x^2 = f(x) = 2x^2 original function f(x) = x^2 Describe the.pdf
f(x) = 2x^2 = f(x) = 2x^2 original function f(x) = x^2 Describe the.pdf
 
Describe the quaternary structure of insulin, including disulfide bo.pdf
Describe the quaternary structure of insulin, including disulfide bo.pdfDescribe the quaternary structure of insulin, including disulfide bo.pdf
Describe the quaternary structure of insulin, including disulfide bo.pdf
 
Discuss the components and purpose of types of leaves-of-absence, in.pdf
Discuss the components and purpose of types of leaves-of-absence, in.pdfDiscuss the components and purpose of types of leaves-of-absence, in.pdf
Discuss the components and purpose of types of leaves-of-absence, in.pdf
 
Compare and contrast the properties of a centralized and a distribut.pdf
Compare and contrast the properties of a centralized and a distribut.pdfCompare and contrast the properties of a centralized and a distribut.pdf
Compare and contrast the properties of a centralized and a distribut.pdf
 
Baby Billy-Bob has a difficult infant temperament.His parents try .pdf
Baby Billy-Bob has a difficult infant temperament.His parents try .pdfBaby Billy-Bob has a difficult infant temperament.His parents try .pdf
Baby Billy-Bob has a difficult infant temperament.His parents try .pdf
 
A plane left at 3pm flying west at 450 miles per hour. At 330 pm an.pdf
A plane left at 3pm flying west at 450 miles per hour. At 330 pm an.pdfA plane left at 3pm flying west at 450 miles per hour. At 330 pm an.pdf
A plane left at 3pm flying west at 450 miles per hour. At 330 pm an.pdf
 
A man with polydacytly, an autosomal dominant trait, marries a woman.pdf
A man with polydacytly, an autosomal dominant trait, marries a woman.pdfA man with polydacytly, an autosomal dominant trait, marries a woman.pdf
A man with polydacytly, an autosomal dominant trait, marries a woman.pdf
 
1. Marvin is the executor and some heir of his aunts estate. The e.pdf
1. Marvin is the executor and some heir of his aunts estate. The e.pdf1. Marvin is the executor and some heir of his aunts estate. The e.pdf
1. Marvin is the executor and some heir of his aunts estate. The e.pdf
 
___ is a type of homoplasy that reflects the independent evolution o.pdf
___ is a type of homoplasy that reflects the independent evolution o.pdf___ is a type of homoplasy that reflects the independent evolution o.pdf
___ is a type of homoplasy that reflects the independent evolution o.pdf
 
Year-end interfund receivable or payable balances will appear in the.pdf
Year-end interfund receivable or payable balances will appear in the.pdfYear-end interfund receivable or payable balances will appear in the.pdf
Year-end interfund receivable or payable balances will appear in the.pdf
 
Which isare true regarding the lipid bilayerA. It is modeled as .pdf
Which isare true regarding the lipid bilayerA. It is modeled as .pdfWhich isare true regarding the lipid bilayerA. It is modeled as .pdf
Which isare true regarding the lipid bilayerA. It is modeled as .pdf
 
Which statement describes a similarity between the diploid and haplo.pdf
Which statement describes a similarity between the diploid and haplo.pdfWhich statement describes a similarity between the diploid and haplo.pdf
Which statement describes a similarity between the diploid and haplo.pdf
 
Which of the following isareTRUEI. A field can possess zero divi.pdf
Which of the following isareTRUEI. A field can possess zero divi.pdfWhich of the following isareTRUEI. A field can possess zero divi.pdf
Which of the following isareTRUEI. A field can possess zero divi.pdf
 
Which of the groups below are hydrophobic Hydrophilic Explain .pdf
Which of the groups below are hydrophobic Hydrophilic Explain .pdfWhich of the groups below are hydrophobic Hydrophilic Explain .pdf
Which of the groups below are hydrophobic Hydrophilic Explain .pdf
 
Which function has a domain of all real numbers A. y = secx B. y =.pdf
Which function has a domain of all real numbers A. y = secx B. y =.pdfWhich function has a domain of all real numbers A. y = secx B. y =.pdf
Which function has a domain of all real numbers A. y = secx B. y =.pdf
 
When 3013 adults were survery in a poll, 73 said they use the Inter.pdf
When 3013 adults were survery in a poll, 73 said they use the Inter.pdfWhen 3013 adults were survery in a poll, 73 said they use the Inter.pdf
When 3013 adults were survery in a poll, 73 said they use the Inter.pdf
 

Recently uploaded

How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17Celine George
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111GangaMaiya1
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentationcamerronhm
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxJisc
 
Basic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationBasic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationNeilDeclaro1
 
Tatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf artsTatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf artsNbelano25
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...Nguyen Thanh Tu Collection
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxEsquimalt MFRC
 
Simple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfSimple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfstareducators107
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxPooja Bhuva
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17Celine George
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSAnaAcapella
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxheathfieldcps1
 

Recently uploaded (20)

How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Call Girls in Uttam Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in Uttam Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7Call Girls in Uttam Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in Uttam Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Basic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationBasic Intentional Injuries Health Education
Basic Intentional Injuries Health Education
 
Tatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf artsTatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf arts
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Simple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfSimple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdf
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 

DNS play an important role in a network. It is therefore important f.pdf

  • 1. DNS play an important role in a network. It is therefore important for the information in a DNS table to be protected from authorized modification. Write your paper on protecting the information in a DNS table. Solution The DNS protocol leverages the User Datagram Protocol (UDP) for the majority of its operations. UDP is a connectionless protocol and, as such, it can be easily spoofed. Many of the attacks described in this document rely on spoofing to be successful. Several security controls can be implemented to limit spoofing. These controls are described in the following sections. Unicast Reverse Path Forwarding Unicast Reverse Path Forwarding (Unicast RPF) is a feature that can reduce the effectiveness of packets with spoofed source addresses. A network device using Unicast RPF evaluates the source of each IP packet against its local routing table in order to determine source address validity. While it can detect and filter some spoofed traffic, Unicast RPF does not provide complete protection against spoofing because spoofed and valid packets with the same source address may arrive on the same interface. Unicast RPF operates in two modes: strict and loose. In strict mode, the Unicast RPF feature uses the local routing table to determine if the source address within a packet is reachable through the interface on which the packet was received. If it is reachable, the packet is permitted; if it was not, the packet is dropped. Strict mode Unicast RPF is best deployed on network boundaries where traffic asymmetry is not prevalent. Strict mode Unicast RPF is enabled on Cisco IOS devices using the interface configuration command ip verify unicast source reachable-via rx; the previous format of this command was ip verify unicast reverse-path. Strict mode Unicast RPF can be enabled on the Cisco PIX, ASA, and FWSM firewalls using the ip verify reverse-path interface interface configuration command. In loose mode Unicast RPF, if the source address of a packet is reachable through any interface on the Unicast RPF enabled device, the packet is permitted. If the source address of the IP packet is not present in the routing table, the packet is dropped. Loose mode Unicast RPF can be enabled on Cisco IOS devices using the ip verify source reachable-via any interface configuration command; loose mode Unicast RPF is not available on Cisco PIX, ASA or FWSM firewalls. More information about Unicast RPF is available in the Applied Intelligence Understanding Unicast Reverse Path Forwarding white paper.
  • 2. IP Source Guard IP source guard is a Layer 2 security feature that builds upon Unicast RPF and DHCP snooping to filter spoofed traffic on individual switch ports. DHCP snooping, which is a prerequisite of IP source guard, inspects DHCP traffic within a VLAN to understand which IP addresses have been assigned to which network devices on which physical switch port. Once this information has been gathered and stored in the DHCP snooping bindings table, IP source guard is able to leverage it to filter IP packets received by a network device. If a packet is received with a source address that does not match the DHCP snooping bindings table, the packet is dropped. The implementation of IP source guard within the access layer of a network can effectively eliminate the origination of spoofed IP traffic. However, because it requires DHCP to remain manageable, it is not possible to deploy IP source guard on internal-to-external network boundaries.