CCNA RnS Subnetting_Commands_Notes

CCNA RnS Subnetting_Commands_Notes

Data-plane attacks and Mitigation Techniques

  1. CAM Table OverFlow Attack (DoS attack)(macof –i eth0): Port-Security
  2. DHCP Starvation Attack (DoS attack): Port-Security and Rate-limiting requests.
  3. DHCP Spoofing/Rogue DHCP Attack (Mitm attack): DHCP Snooping
  4. VLAN Hopping attack (negotiate trunk using DTP)(yersinia -G): set all the ports not connected to switches to no-negotiate and access ports, as by default they are set to negotiate i.e. ‘dynamic-auto’.

Also don’t use vlan1 as native vlan.

  1. Rogue Switch Attack (Switch Mitm i.e. becomes the root bridge): portfast and BPDU Guard (turned ON globally if the port is an access port)(shuts the port down).

BPDU Filter (Doesn’t allow BPDUs, but doesn’t shut the port down).

Root Guard (tell the switch that certain ports can’t be root ports i.e. if you are connected to legitimate switches).

  1. Arp Spoofing/ARP Poisoning attack (Gratuitous ARP) (Mitm attack): DAI (Dynamic Arp Inspection)

Different Cisco OS

Cisco has a whole bunch of different operating systems for a variety of products:

  • IOS runs on most Cisco routers and switches.
  • IOS XE is a more modern, modular version of IOS.
  • IOS XR runs on high-end routers.
  • NX-OS runs on the Nexus line of datacenter switches.
  • ASA OS runs on Cisco ASA devices.
  • AireOS runs on Access Points.

IPv4 Quick Subnetting

IPv4 Quick Subnetting

Quick Interview Review Cisco Commands

Quick Interview Review Cisco Commands

Basic Networking Commands (Revision Notes)

Basic Networking Commands (Revision Notes)

ITIL Quick reference


Cisco IOS and NX-OS comparison

Quick Review Notes CCNA DC Cisco 640-911 DCICN

Quick Review Notes CCNA DC Cisco 640-911 DCICN

Building Good IT Training Habits with Keith Barker