Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Chapter 8. Securing the Data Plane on Ca... > Common Threats to the Switching Infr... - Pg. 104

104 Common Threats to the Switching Infrastructure Common Threats to the Switching Infrastructure Layer 2 and Layer 3 switches are targets of attack and must be secured. If a Layer 2 switch is compromised, Layers 3­7 are also affected. Layer 2 Attacks Layer 2 Attack Attack Description Catalyst Switch Mitigation Solution MAC address attacks STP manipulation There are two types of attacks: MAC spoofing attacks MAC address table attacks Attackers attempt to disrupt STP network by introducing rogue switch. Also called broadcast storms and are caused by the following: Protocol stack error Misconfiguration Configure port security. Configure PortFast. Configure BPDU guard. Configure root guard. Configure storm control. LAN storms