Posts Tagged ‘telnet’

Configuring a catalyst switch 26 August 2008 at 5:32 pm by admin

Configuring a Web Interface:

Switches have web-based config tools that require an onboard HTTP server:
Web browser GUI.
Security Device Manager (SDM).
IP Phone and Telephony apps.
HTTP services are a security hole; authentication is optional.
If many users access HTTP services you may require a separate authentication server.
AAA and TACACS can be used to validate user credentials (robust).
A less complex method allows use of the enable password.
A local authentication method requires the user to use a login username and password specified in the config.

S1(config)#ip http server ! turns on the server (on by default)
S1(config)#ip http authentication enable ! web users authenticate with the enable password


Tags: wan, switch, cisco, router, vtp, study

Switch security & common attacks 18 June 2008 at 5:13 pm by admin

Security on a switch

MAC address flooding or overflow attacks
Switches learn source MAC addresses and store them in the MAC address table.
If a frame enters a switch and it does not find the destination MAC address in the table, the switch acts like a hub and floods it out all ports. MAC address tables have a limited size.
MAC address flooding uses this limitation to bombard the switch with fake addresses until the table is full. The switch then enters fail-open mode and will act like a hub.
As a result, an attacker can see all of the frames passing through the switch.
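
A detection-side illustration of the flooding behaviour described above, added here as an example and not part of the original post. It parses `show mac address-table` output and flags access ports that have learned an unusual number of dynamic addresses. The sample output is constructed, and the function names, the per-port limit and the table capacity are assumptions to tune for your platform.

```python
import re
from collections import Counter

# One table row: VLAN, MAC in Cisco dotted format, entry type, port.
ROW = re.compile(
    r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(\S+)\s+(\S+)\s*$",
    re.IGNORECASE,
)

def build_sample():
    """Constructed sample output: two normal hosts and one port with 40 MACs."""
    rows = [
        "Vlan    Mac Address       Type        Ports",
        "----    -----------       --------    -----",
        " All    0100.0ccc.cccc    STATIC      CPU",
        "   1    0011.2233.4455    DYNAMIC     Fa0/1",
        "   1    0011.2233.4466    DYNAMIC     Fa0/2",
    ]
    rows += [f"   1    0200.0000.{i:04x}    DYNAMIC     Fa0/7" for i in range(40)]
    return "\n".join(rows)

def dynamic_macs_per_port(output):
    """Count distinct dynamically learned MAC addresses on each port."""
    seen = set()
    for line in output.splitlines():
        m = ROW.match(line)
        if m and m.group(3).upper() == "DYNAMIC":
            seen.add((m.group(4), m.group(2).lower()))
    return Counter(port for port, _ in seen)

def flag_flooding(output, per_port_limit=5, table_capacity=8192, warn_ratio=0.8):
    """Return (suspect ports, table-nearly-full flag).

    per_port_limit and table_capacity are assumed values; uplink and trunk
    ports legitimately carry many addresses and should be excluded or given
    a higher limit.
    """
    counts = dynamic_macs_per_port(output)
    suspects = {port: n for port, n in counts.items() if n > per_port_limit}
    nearly_full = sum(counts.values()) >= table_capacity * warn_ratio
    return suspects, nearly_full

if __name__ == "__main__":
    suspects, nearly_full = flag_flooding(build_sample(), table_capacity=50)
    print("suspect ports:", suspects, "| table nearly full:", nearly_full)
```
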
