Overview of attacks & countermeasures
- IP spoofing – IP source guards, PACL
- STP Spoofing – BPDU guard, Root guards
- MAC Spoofing – Port Security , Static CAM table entries
- DHCP Server Spoofing – DHCP Snooping
- ARP Spoofing – ARP inspection (ASA + IPS )
- VLAN Hopping – Disable auto DTP *
- CAM Floods – Port Security , 802.1x
- DHCP Starvation – DHCP Rate limiting
Recently, while trying to enable proxy arp on an interface, I noticed the presence of the sub interface command ‘ip local-proxy-arp’. I was a little puzzled and the googling I did didn’t help me get a better understanding of the concept. Bewildered, I turned to my favorite network forum, networking-forum.com and asked if someone could help out with an explanation…
AutoInstall using DHCP allows for the configuration of a new Cisco router using Ethernet, Token Ring, and FDDI interfaces (the AutoInstall process using serial line interfaces remains unchanged from previous releases).
Note The term “router” is used in the following process to represent any supported Cisco device (including, for example, Access Servers).
The Stateful Network Address Translation 64 feature provides a translation mechanism that translates IPv6 packets into IPv4 packets and vice versa.
In this IS-IS tutorial i will shortly discuss IS-IS and create a simple IS-IS lab in gns3.
What is IS-IS?