This talk will focus on how to exploit a network by targeting the various first hop protocols. Attack vectors for crafting custom packets, as well as a few of the available tools for layer 2 network protocol exploitation, will be covered. Defensive mitigations and recommendations for adding secure visualization and instrumentation for layer 2 will be provided.
3. UNCLASSIFIED
V100230_Faint
UNCLASSIFIED
3
UNCLASSIFIED0000-00-yymm Information Engineering Solutions
ARP Poisoning
Diagram: Corporate Server, IP 172.16.1.1; User 1, IP 192.168.1.2, MAC 2222.2222.2222; User 3, IP 192.168.1.3, MAC 3333.3333.3333; Router, IP 192.168.1.1, MAC 1111.1111.1111
• Gratuitous ARP "172.16.1.1 is at MAC 3333.3333.3333": User 1 traffic to the server is redirected to User 3 (User 1 ARP cache poisoned)
• Gratuitous ARP "192.168.1.2 is at MAC 3333.3333.3333": return traffic is redirected to User 3 (Router ARP cache poisoned)
• Tools: Cain and Abel, Ettercap
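The mitigation the deck lists later for this slide is Dynamic ARP Inspection (DAI): ARP packets arriving on untrusted ports are checked against the DHCP snooping binding table and dropped when the sender IP/MAC pair has no binding. The following added example (not code from the deck) models that check over the slide's own addresses; the port names `Gi1/0/2`, `Gi1/0/3`, `Gi1/0/24` and the binding table are assumptions constructed for the demo.

```python
"""Model of Dynamic ARP Inspection (DAI): ARP packets on untrusted ports must match
the DHCP-snooping binding table, so the two gratuitous ARPs from the slide are dropped.
Constructed example, not code from the deck; port names and the binding table are
made up, the IP addresses and MACs are the slide's."""
import struct
from typing import Dict, Set, Tuple

TRUSTED_PORTS: Set[str] = {"Gi1/0/24"}            # assumed uplink towards the router
BINDINGS: Dict[str, Set[Tuple[str, str]]] = {     # constructed DHCP snooping binding table
    "Gi1/0/2": {("192.168.1.2", "222222222222")},  # User 1
    "Gi1/0/3": {("192.168.1.3", "333333333333")},  # User 3
}


def cisco_mac(dotted: str) -> bytes:
    """'aabb.ccdd.eeff' -> 6 raw bytes."""
    return bytes.fromhex(dotted.replace(".", ""))


def parse_arp(payload: bytes) -> dict:
    """Decode a 28-byte Ethernet/IPv4 ARP payload (RFC 826 field order)."""
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", payload[8:28])
    return {"op": oper,                      # 1 = request, 2 = reply
            "sender_mac": sha.hex(), "sender_ip": ".".join(map(str, spa)),
            "target_mac": tha.hex(), "target_ip": ".".join(map(str, tpa))}


def build_arp(op: int, smac: str, sip: str, tmac: str, tip: str) -> bytes:
    """Constructed ARP payload used as sample input below."""
    ip = lambda s: bytes(int(o) for o in s.split("."))
    return struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + cisco_mac(smac) + ip(sip) + cisco_mac(tmac) + ip(tip)


def inspect_arp(port: str, payload: bytes) -> Tuple[str, str]:
    """Return ('permit' | 'deny', reason) for one ARP packet received on `port`."""
    arp = parse_arp(payload)
    if port in TRUSTED_PORTS:
        return "permit", "trusted port, not inspected"
    if (arp["sender_ip"], arp["sender_mac"]) in BINDINGS.get(port, set()):
        return "permit", "sender matches snooping binding"
    kind = "gratuitous ARP" if arp["sender_ip"] == arp["target_ip"] else "ARP"
    return "deny", f"{kind} on {port} claims {arp['sender_ip']} is at {arp['sender_mac']}, no binding"


# Constructed traffic reproducing the slide: User 3 (port Gi1/0/3) poisons User 1 and the router.
SAMPLE = [
    ("Gi1/0/3", build_arp(2, "3333.3333.3333", "192.168.1.3", "1111.1111.1111", "192.168.1.1")),   # legitimate
    ("Gi1/0/3", build_arp(2, "3333.3333.3333", "172.16.1.1", "ffff.ffff.ffff", "172.16.1.1")),     # slide GARP 1
    ("Gi1/0/3", build_arp(2, "3333.3333.3333", "192.168.1.2", "ffff.ffff.ffff", "192.168.1.2")),   # slide GARP 2
    ("Gi1/0/24", build_arp(2, "1111.1111.1111", "192.168.1.1", "2222.2222.2222", "192.168.1.2")),  # router reply
]


def run(packets=SAMPLE):
    """Verdict per sample packet, in order."""
    return [inspect_arp(port, pkt)[0] for port, pkt in packets]


if __name__ == "__main__":
    for port, pkt in SAMPLE:
        print(port, inspect_arp(port, pkt))
```

The verdicts come out permit, deny, deny, permit: User 3 may answer for its own address, but neither of the slide's gratuitous claims has a binding on its ingress port, and the router's uplink is trusted so its replies are not inspected.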
Rogue DHCP Server
Diagram: DHCP client, corporate DHCP server, and a rogue user running an unauthorized DHCP server
• Allocates bad DNS server or default gateway
• Denial of service by exhausting the leases in the DHCP scope
• Tools – Yersinia, Gobbler
Mitigation
• Limit MAC addresses per interface
• VACLs to block DHCP UDP 68
• DHCP snooping with trusted/untrusted ports (mitigates client hardware address change)
Lawful Intercept: Identify Physical Source of Traffic (DHCP with Option 82 Support)
Example enterprise network (diagram): DSL CPE and ADSL modem in the Ethernet access domain (hosts MAC A, MAC B, MAC C) connect through the DSLAM and PE-AGG to the L3VPN-PE and the ISP DHCP server
• DHCP Option 82 provides the DSLAM and switch name and the physical interface that requested a DHCP IP address
• Exchange: DHCP request from the client; DHCP request with sub ID in the Option 82 identifier (RFC 3046) relayed upstream; DHCP response with IP address
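The rogue DHCP slide and the Option 82 slide both come down to reading DHCP options: option 54 (Server Identifier) tells a monitor which server answered, options 3 and 6 show the gateway and DNS a rogue server hands out, and option 82 carries the relay agent's Circuit ID and Remote ID (RFC 3046) that identify the physical port. The added example below (not code from the deck) parses constructed DHCP messages for both purposes; the allowlisted server `10.0.0.5`, the relay at `192.168.1.1`, the rogue server `192.168.1.200` and the circuit/remote IDs are made-up values.

```python
"""Parse DHCP messages to (a) flag OFFER/ACK from a server that is not on the
corporate allowlist (rogue DHCP) and (b) read the Option 82 relay-agent fields a
DSLAM or switch inserts. Constructed example, not code from the deck; the
addresses, server allowlist and circuit/remote IDs are made up."""
import struct
from ipaddress import IPv4Address
from typing import Dict, Set, Tuple

MAGIC = b"\x63\x82\x53\x63"                 # DHCP magic cookie at offset 236
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}
CORPORATE_DHCP: Set[str] = {"10.0.0.5"}   # constructed allowlist of authorised servers


def parse_options(raw: bytes) -> Dict[int, bytes]:
    """Decode option TLVs (RFC 2132); stops at option 255 (end), skips pads."""
    opts, i = {}, 0
    while i < len(raw) and raw[i] != 255:
        if raw[i] == 0:
            i += 1
            continue
        code, length = raw[i], raw[i + 1]
        opts[code] = raw[i + 2:i + 2 + length]
        i += 2 + length
    return opts


def parse_dhcp(pkt: bytes) -> dict:
    """Decode the fixed BOOTP header fields we need plus the option list."""
    op, _htype, hlen, _hops, xid = struct.unpack("!BBBBI", pkt[:8])
    if pkt[236:240] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    opts = parse_options(pkt[240:])
    return {"op": op, "xid": xid,
            "yiaddr": str(IPv4Address(pkt[16:20])),   # address being offered
            "giaddr": str(IPv4Address(pkt[24:28])),   # relay agent that forwarded it
            "chaddr": pkt[28:28 + hlen].hex(":"),
            "type": MSG_TYPES.get(opts.get(53, b"\0")[0], "?"),
            "options": opts}


def parse_option82(raw: bytes) -> Dict[str, str]:
    """Relay Agent Information sub-options (RFC 3046): 1 = Circuit ID, 2 = Remote ID."""
    names, out, i = {1: "circuit_id", 2: "remote_id"}, {}, 0
    while i + 2 <= len(raw):
        sub, length = raw[i], raw[i + 1]
        out[names.get(sub, f"sub{sub}")] = raw[i + 2:i + 2 + length].decode("ascii", "replace")
        i += 2 + length
    return out


def classify_offer(msg: dict, allowed: Set[str]) -> Tuple[str, str]:
    """'rogue' when the Server Identifier (option 54) is not an allowlisted server."""
    if msg["type"] not in ("OFFER", "ACK"):
        return "ignore", msg["type"]
    o = msg["options"]
    if 54 not in o:
        return "rogue", "OFFER without Server Identifier"
    server = str(IPv4Address(o[54]))
    gw = str(IPv4Address(o.get(3, b"\0\0\0\0")[:4]))    # default gateway handed out
    dns = str(IPv4Address(o.get(6, b"\0\0\0\0")[:4]))   # first DNS server handed out
    if server in allowed:
        return "ok", server
    return "rogue", f"{server} offers {msg['yiaddr']} with gateway {gw} and DNS {dns}"


def build_dhcp(op, xid, chaddr, yiaddr="0.0.0.0", giaddr="0.0.0.0", options=()) -> bytes:
    """Constructed DHCP message used as sample input (not captured traffic)."""
    hdr = struct.pack("!BBBBIHH", op, 1, 6, 0, xid, 0, 0)
    hdr += bytes(4) + IPv4Address(yiaddr).packed + bytes(4) + IPv4Address(giaddr).packed
    hdr += bytes.fromhex(chaddr.replace(":", "")).ljust(16, b"\0") + bytes(192)
    body = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return hdr + MAGIC + body + b"\xff"


def run() -> dict:
    ip = lambda s: IPv4Address(s).packed
    opt82 = bytes([1, 14]) + b"DSLAM1 Gi0/1/3" + bytes([2, 9]) + b"cust-0042"   # constructed IDs
    discover = build_dhcp(1, 0x1234, "aa:bb:cc:dd:ee:01", giaddr="192.168.1.1",
                          options=[(53, b"\x01"), (82, opt82)])
    good = build_dhcp(2, 0x1234, "aa:bb:cc:dd:ee:01", yiaddr="192.168.1.50",
                      options=[(53, b"\x02"), (54, ip("10.0.0.5")), (3, ip("192.168.1.1")), (6, ip("10.0.0.53"))])
    rogue = build_dhcp(2, 0x1234, "aa:bb:cc:dd:ee:01", yiaddr="192.168.1.77",
                       options=[(53, b"\x02"), (54, ip("192.168.1.200")), (3, ip("192.168.1.200")), (6, ip("192.168.1.200"))])
    return {"option82": parse_option82(parse_dhcp(discover)["options"][82]),
            "good": classify_offer(parse_dhcp(good), CORPORATE_DHCP),
            "rogue": classify_offer(parse_dhcp(rogue), CORPORATE_DHCP)}


if __name__ == "__main__":
    for key, value in run().items():
        print(key, value)
```

Fed a relayed DISCOVER, the parser returns the circuit and remote IDs the relay inserted; fed the two OFFERs, the corporate server is reported ok and the second one is flagged as rogue together with the gateway and DNS it tried to hand out, which is the detail a SOC needs when a DHCP snooping violation fires.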
VLAN Hopping – Dynamic Trunking Protocol
• Dynamic Trunking Protocol (DTP) modes: Auto, On, Off, Desirable, Non-negotiate
• IP phones, wireless access points
• All VLANs are trunked by default
• Native VLAN (untagged); default native VLAN 1 and required by DTP
• Yersinia or other packet crafting tools
• Disable trunking on interfaces where not in use
• Specify VLANs to be allowed on trunk interfaces
• Do not use native VLAN 1
Diagram: switches carrying VLANs 40, 50 and 60 joined by a DTP trunk; the attacker's host spoofs DTP to look like a switch (Yersinia)
VLAN Hopping – Double VLAN Tag
• No two-way communication. Frames sent to target with no response to sender.
• Craft frames with double encapsulated (802.1Q-in-802.1Q) tags
• VLAN trunking is not required in this scenario
• Disable AUTO/DYNAMIC NEGOTIATION!
• Don't use native VLAN 1. Use tagged mode for native VLAN x on trunks
• Disable interfaces not in use
Diagram: switches carrying VLANs 40, 50 and 60; a host on VLAN 10 (Yersinia) sends a frame tagged VLAN 10 (outer) and VLAN 40 (inner); the first switch strips off the first VLAN ID and forwards the frame across the trunk with only the VLAN 40 tag left, so it is delivered into VLAN 40 on the far switch
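The two bullets "use tagged mode for the native VLAN" and "don't use native VLAN 1" are easier to reason about with the tag handling written out. The added example below (not code from the deck) parses stacked 802.1Q tags from a frame, flags a double-tagged frame arriving on an access port as a detection rule, and models the forwarding path of the diagram so that the default, the tagged-native and the unused-native cases can be compared. MACs, VLAN 999 and the port roles are constructed assumptions.

```python
"""802.1Q tag parser plus a small model of the double-tag hop and of the two
mitigations on the slide (tagged native VLAN, unused native VLAN). Constructed
example, not code from the deck; MACs and VLAN numbers are made up."""
import struct
from typing import List, Optional, Tuple

ETH_8021Q, ETH_IPV4 = 0x8100, 0x0800


def parse_tags(frame: bytes) -> Tuple[List[int], int]:
    """Return (VLAN IDs outer->inner, EtherType after the last tag)."""
    tags, off = [], 12                       # skip destination + source MAC
    while struct.unpack("!H", frame[off:off + 2])[0] == ETH_8021Q:
        tci = struct.unpack("!H", frame[off + 2:off + 4])[0]
        tags.append(tci & 0x0FFF)            # low 12 bits of the TCI = VLAN ID
        off += 4
    return tags, struct.unpack("!H", frame[off:off + 2])[0]


def build_frame(dst: str, src: str, vlans: List[int], payload: bytes = bytes(46)) -> bytes:
    """Constructed Ethernet frame with zero or more stacked 802.1Q tags."""
    hdr = bytes.fromhex(dst.replace(".", "")) + bytes.fromhex(src.replace(".", ""))
    for v in vlans:
        hdr += struct.pack("!HH", ETH_8021Q, v & 0x0FFF)
    return hdr + struct.pack("!H", ETH_IPV4) + payload


def audit_ingress(frame: bytes, port_type: str) -> Optional[str]:
    """Detection rule: stacked tags arriving on an access port are never legitimate."""
    tags, _ = parse_tags(frame)
    if port_type == "access" and len(tags) >= 2:
        return f"double-tagged frame on access port, tags {tags}"
    return None


def hop(frame: bytes, access_vlan: int, native_vlan: int, tag_native: bool) -> Optional[int]:
    """VLAN the frame is delivered to on the far switch (None if dropped)."""
    tags, _ = parse_tags(frame)
    # switch 1, access port: a tag equal to the port VLAN is stripped, any other tag is dropped
    if tags and tags[0] == access_vlan:
        tags = tags[1:]                      # "switch strips off first VLAN ID"
    elif tags:
        return None
    vlan = access_vlan
    # switch 1, trunk egress: the native VLAN goes out untagged unless native tagging is on
    if vlan != native_vlan or tag_native:
        tags = [vlan] + tags
    # switch 2, trunk ingress: an untagged frame lands in the native VLAN
    return tags[0] if tags else native_vlan


def run() -> dict:
    frame = build_frame("ffff.ffff.ffff", "0000.0000.0001", [10, 40])  # outer 10, inner 40 (constructed)
    return {"tags": parse_tags(frame)[0],
            "default_native": hop(frame, 10, 10, False),   # 40: the hop succeeds
            "tagged_native": hop(frame, 10, 10, True),     # 10: contained by native tagging
            "unused_native": hop(frame, 10, 999, False),   # 10: contained by an unused native VLAN
            "alert": audit_ingress(frame, "access")}


if __name__ == "__main__":
    print(run())
```

With the attacker's VLAN equal to the untagged native VLAN the inner tag survives the trunk and the frame lands in VLAN 40; with `vlan dot1q tag native` (or a native VLAN no access port uses) the outer tag is kept and the far switch places the frame back in VLAN 10.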
CAM Table Overflow Attack
Tools: Yersinia, macof, dsniff
Diagram: Nodes 1 to 4 on one switch; with the CAM table overflowed, a Node 2 to Node 4 unicast frame is flooded out every port and seen by Nodes 1, 3 and 4
• Switch CAM table exploited, resulting in the switch VLAN operating like a shared Ethernet hub
• Attack may cause multiple switches to fall back to shared Ethernet behavior
• Implement port security to limit MACs per interface, SNMP traps
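The slide's two outcomes, "switch behaves like a hub" and "port security limits MACs per interface", can be shown side by side with a small switch model. The added example below (not code from the deck) fills a CAM table with forged source MACs from one port and then checks where a Node 2 to Node 4 unicast is delivered, once without and once with a per-port MAC limit whose violation mode shuts the port; port names, MACs and the table size are constructed assumptions.

```python
"""Model of CAM-table overflow versus port security. Without a per-port MAC limit,
forged source MACs fill the table and a later unicast is flooded like on a hub;
with a 'maximum MACs per interface' limit the flood trips a violation and the port
is err-disabled. Constructed example, not code from the deck; port names, MACs and
sizes are made up."""
from typing import Dict, List, Optional, Set


class Switch:
    def __init__(self, ports: List[str], cam_capacity: int, max_per_port: Optional[int] = None):
        self.ports: Dict[str, Set[str]] = {p: set() for p in ports}   # port -> MACs learned on it
        self.cam: Dict[str, str] = {}                                  # MAC -> port
        self.capacity, self.max_per_port = cam_capacity, max_per_port
        self.err_disabled: Set[str] = set()
        self.events: List[str] = []                                    # where an SNMP trap would be sent

    def learn(self, port: str, mac: str) -> str:
        if mac in self.cam:
            return "known"
        if self.max_per_port is not None and len(self.ports[port]) >= self.max_per_port:
            self.events.append(f"port-security violation on {port} by {mac}: shutdown")
            self.err_disabled.add(port)          # violation mode 'shutdown'
            return "violation"
        if len(self.cam) >= self.capacity:
            return "cam-full"                    # cannot learn: unicasts to this MAC will flood
        self.cam[mac] = port
        self.ports[port].add(mac)
        return "learned"

    def forward(self, ingress: str, src: str, dst: str) -> List[str]:
        """Return the egress ports for a frame (empty list = dropped)."""
        if ingress in self.err_disabled:
            return []
        self.learn(ingress, src)
        if dst in self.cam:
            return [self.cam[dst]]               # normal unicast delivery
        # unknown unicast: flooded to every other port, i.e. hub behaviour
        return [p for p in self.ports if p != ingress and p not in self.err_disabled]


NODE = {n: f"0000.0000.000{n}" for n in (1, 2, 3, 4)}   # constructed node MACs
PORT = {n: f"Gi1/0/{n}" for n in (1, 2, 3, 4)}          # constructed port names


def scenario(port_security: bool, forged: int = 1100) -> dict:
    sw = Switch(list(PORT.values()), cam_capacity=1024, max_per_port=1 if port_security else None)
    for i in range(forged):                      # Node 3 sprays forged source MACs (macof style)
        sw.forward(PORT[3], f"dead.{i >> 16:04x}.{i & 0xFFFF:04x}", "ffff.ffff.ffff")
    sw.forward(PORT[4], NODE[4], "ffff.ffff.ffff")   # Node 4 speaks, so a healthy switch knows it
    egress = sw.forward(PORT[2], NODE[2], NODE[4])   # Node 2 -> Node 4 unicast from the slide
    return {"cam_entries": len(sw.cam), "node2_to_node4": egress,
            "err_disabled": sorted(sw.err_disabled), "events": len(sw.events)}


if __name__ == "__main__":
    print("no port security:", scenario(False))
    print("port security   :", scenario(True))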
12. UNCLASSIFIED
V100230_Faint
UNCLASSIFIED
12
UNCLASSIFIED0000-00-yymm Information Engineering Solutions
VLAN Trunking Protocol (VTP)
VTP
Server
Transparent
(VTP DB rev 0) VTP
Client
VTP
Client
802.1Q Trunk
802.1Q Trunk
802.1Q Trunk
• VLANs are addedremoved on VTP Server
• VLAN modifications propagated to VTP Clients
• Common VTP Domain name and password
• Same Native VLAN on Trunk
• Sync to latest changes
VTP
Client
802.1Q Trunk
13. UNCLASSIFIED
V100230_Faint
UNCLASSIFIED
13
UNCLASSIFIED0000-00-yymm Information Engineering Solutions
VLAN Trunking Protocol (VTP) - Security
VTP
Server
Transparent
(VTP DB rev 0) VTP
Client
VTP
Client
802.1Q Trunk
802.1Q Trunk
802.1Q Trunk
• Existing network running default VTP settings
• Switches sync to higher rev VTP DB resulting in VLAN config being lost!!
• Everyone has a current VLAN.DAT backup right??
• Configure a password for VTP Domain (NOT Cisco….SanFran….)
• Delete VLAN.DAT before connecting a new switch
• Change the native VLAN to something other than 1
VTP
Client
802.1Q Trunk
Switch with higher
rev of VTP DB added
14. UNCLASSIFIED
V100230_Faint
UNCLASSIFIED
14
UNCLASSIFIED0000-00-yymm Information Engineering Solutions
Broadcast Storms
VLAN 20
VLAN 20
VLAN 20
VLAN 20
VLAN 20
Rogue Insider
Misconfigured Application
Failed NIC
Broadcast storm propagated across VLAN
VLAN 20
Traffic Storm Control limits unicast, multicast, broadcast traffic to a % of port BW
• Not enabled on interfaces by default (add to template configuration for port security)
• Traffic that exceeds configured threshold will be dropped
• Violations can be configured to be shutdown or send a SNMP Trap(recommend v3)
15. UNCLASSIFIED
V100230_Faint
UNCLASSIFIED
15
UNCLASSIFIED0000-00-yymm Information Engineering Solutions
Protocol Hacking Tools
GSN3
SCAPY
Colasoft Packet Builder
Many others…
(Remember to enable IP forwarding)
First Hop Redundancy Protocols
Global Load Balancing Protocol (GLBP)
Hot Standby Router Protocol (HSRP)
Virtual Redundant Router Protocol (VRRP)
Active router
192.168.1.1
Backup router
192.168.1.2Virtual router
192.168.1.3
192.168.1.50
Multicast protocol
Priority elects role
MD5, clear, no authentication
V
V
Rogue
Insider
21. UNCLASSIFIED
V100230_Faint
UNCLASSIFIED
21
UNCLASSIFIED0000-00-yymm Information Engineering Solutions
DMZ Layer 2 Security
Secure DMZ Trusts
- PVLAN
- VACL
- Separate Virtual or Physical
Int w/ ACL’s
- Develop a network traffic
matrix to define required
network traffic flows
WWW
DNS
SMTP
SharePoint
DMZ
- Typically single VLAN
- Open trusts Inside VLAN
- DMZ to Internal AD integ.
- Pivot from DMZ to Internal network
Internal Network
Database Email DNS
*NIX w/NIS(AD Integ.)
Active Directory
Internet
22. UNCLASSIFIED
V100230_Faint
UNCLASSIFIED
22
UNCLASSIFIED0000-00-yymm Information Engineering Solutions
Layer 2 – Secure Visualization and Instrumentation
TAP/Sniffer
NOC SOC
Out-of-bound
Network
Whitelist the Layer 2 Network Trust Relationships
Whitelist Trusted Information Flows in Monitoring
Secure Control, Management, Data Planes
In-band Monitoring
EPC
SPAN
RSPAN
ERSPAN
Netflow
23. UNCLASSIFIED
V100230_Faint
UNCLASSIFIED
23
UNCLASSIFIED0000-00-yymm Information Engineering Solutions
Layer 2 Security Recommendations
• Cisco TrustSec – Identity Services Engine
• 802.1x with 2 factor authentication
• Private VLANs
• VLAN Access Control Lists (VACL)
• Root Guard
• BPDU Guard
• Secure VTP protocol
• Disable VLAN trunking where not in use
• Storm Control
• IPv6 Port Security
• Dynamic ARP Inspection
• IP Source Inspection
• DHCP Option 82 Logging
• Secure DHCP Trusts
• Layer 2 Secure Visualization and Instrumentation
24. UNCLASSIFIED
V100230_Faint
UNCLASSIFIED
24
UNCLASSIFIED0000-00-yymm Information Engineering Solutions
References
LAN
Switch
Security
–
What
Hackers
Know
About
Your
Switches,
Eric
Vyncke,
Christopher
Paggen,
Cisco
Press
Enno
Rey
-‐
@Enno_Insinuator,
@WEareTROOPERS
,
ERNW
Papers
and
Resources
,www.ernw.de,
www.insinuator.net
Ivan
PepeInjak
-‐
@IOShints,
Papers
and
Resources,
hWp://www.ipspace.net
IPv6
Security,
ScoW
Hogg
and
Eric
Vyncke,
Cisco
Press
IPv6
Security,
ScoW
Hogg,
hWp://www.gtri.com/wp-‐content/uploads/2014/10/IPv6-‐Hacker-‐Halted-‐The-‐Hacker-‐Code-‐Angels-‐vs-‐Demons.pdf
The
Pracce
of
Network
Security
Monitoring,
Ricard
Bejtlich,
No
Starch
Press
Router
Security
Strategies
Securing
IP
Network
Traffic
Planes,
Gregg
Schudel,
David
J.
Smith,
Cisco
Press
hWps://www.cisco.com/go/safe
hWp://docwiki.cisco.com/wiki/FHS
hWp://www.netopcs.com/blog/01-‐07-‐2011/sample-‐pcap-‐files
hWp://www.cisco.com/c/en/us/td/docs/ios-‐xml/ios/ipapp_drp/configuraon/12-‐4/dp-‐12-‐4-‐book.html
hWp://www.cisco.com/c/en/us/td/docs/soluons/Enterprise/Security/Baseline_Security/securebasebook/sec_chap8.html
hWp://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-‐2SX/best/pracces/recommendaons.html
hWp://www.cisco.com/c/en/us/td/docs/soluons/Enterprise/Security/Baseline_Security/securebasebook/sec_chap8.html
hWp://www.cisco.com/web/about/security/intelligence/ipv6_first_hop.html
hWp://www.cisco.com/c/en/us/support/docs/ip/access-‐lists/13608-‐21.html
hWp://monkey.org/~dugsong/dsniff/
hWps://www.yersinia.net
hWps://www.nsa.gov/ia/_files/factsheets/Factsheet-‐Cisco%20Port%20Security.pdf
hWp://iase.disa.mil/sgs/net_perimeter/network-‐infrastructure/Pages/index.aspx