tailieunhanh - LAN Switch Security What Hackers Know About Your Switches
LAN and Ethernet switches are usually considered as plumbing. They are easy to install and configure, but it is easy to forget about security when things appear to be simple. Multiple vulnerabilities exist in Ethernet switches. Attack tools to exploit them started to appear a couple of years ago (for example, the well-known dsniff package). By using those attack tools, a hacker can defeat the security myth of a switch, which incorrectly states that sniffing and packet interception are impossible with a switch. Indeed, with dsniff, cain, and other user-friendly tools on a Microsoft Windows or Linux system, a hacker can easily divert any traffic to. | LAN Switch Security What Hackers Know About Your Switches Eric Vyncke and Christopher Paggen, CCIE No. 2659 Cisco Press Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA ii LAN Switch Security What Hackers Know About Your Switches Eric Vyncke Christopher Paggen Copyright© 2008 Cisco Systems, Inc. Published by: Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without writ- ten permission from the publisher, except for the inclusion of brief quotations in a review. Printed in the United States of America First Printing August 2007 Library of Congress Cataloging-in-Publication Data: Vyncke, Eric. LAN switch security : what hackers know about your switches / Eric Vyncke, Christopher Paggen. p. cm. ISBN 978-1-58705-256-9 (pbk.) 1. Local area networks (Computer networks)--Security measures. 2. Telecommunication--Switching systems-- Security measures. I. Paggen, Chris. II. Title. III. Title: What hackers know about your switches. 2008 2007030673 ISBN-13: 978-1-58705-256-9 ISBN-10: 1-58705-256-3 Warning and Disclaimer This book provides information about vulnerabilities linked to Ethernet switches and how to prevent or mitigate attacks against a switch-based network. Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc., shall have nei- ther liability nor responsibility to any person or entity with respect to any loss or damages arising from the informa- tion contained in this book or from the use of the discs or programs that may accompany it. The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, .
đang nạp các trang xem trước