Data-plane attacks and Mitigation Techniques

Posted byFarzand AliPosted inCCNA / CCNP RnS, Security - CCNA / CCNP Security
  1. CAM Table OverFlow Attack (DoS attack)(macof –i eth0): Port-Security
  2. DHCP Starvation Attack (DoS attack): Port-Security and Rate-limiting requests.
  3. DHCP Spoofing/Rogue DHCP Attack (Mitm attack): DHCP Snooping
  4. VLAN Hopping attack (negotiate trunk using DTP)(yersinia -G): set all the ports not connected to switches to no-negotiate and access ports, as by default they are set to negotiate i.e. ‘dynamic-auto’.

Also don’t use vlan1 as native vlan.

  1. Rogue Switch Attack (Switch Mitm i.e. becomes the root bridge): portfast and BPDU Guard (turned ON globally if the port is an access port)(shuts the port down).

BPDU Filter (Doesn’t allow BPDUs, but doesn’t shut the port down).

Root Guard (tell the switch that certain ports can’t be root ports i.e. if you are connected to legitimate switches).

  1. Arp Spoofing/ARP Poisoning attack (Gratuitous ARP) (Mitm attack): DAI (Dynamic Arp Inspection)
Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: