Introducing the Topology:
The show controllers command reveals whether the cable is DCE or DTE.
#show controllers serial 0/0/0
Interface serial0/0/0
Hardware is powerQUICC MPC860
DCE v.35, no clock
Interfaces:
By default all Serial and Ethernet interfaces are down.
The routing table will be empty.
Debugging:
Allows us to watch changes a router performs in real time.
For example, to observe routes being added and removed.
#debug ip routing
#undebug all (disables all debug commands). or
#no debug all. or
#un a. (short form)
Read the rest of this entry →
Tags: 802.1q, study, vlan, switch, vtp, wan
Security on a switch
eMac address flooding or overflow attacks
Switches learn a source MAC address from the MAC address table
If a frame enters a switch and it does not find the destination MAC address in the table, the switch acts like a hub and floods it out all ports. Mac address tables have a limited size.
MAC address flooding uses this limitation to bombard the switch with fake addresses until the table is full. The switch then enters fail-open mode and will act like a hub.
As a result, an attacker can see all of the frames passing through the switch.
Read the rest of this entry →
