With the Address Resolution Protocol (ARP) can determine IP hosts MAC address to an IP address. This mapping is stored in the ARP cache. An attacker can try using falsified ARP frames to manipulate these Zuordnugn. He may be either a man-the-middle attack in conduct or communication in the network interfere. This type of attack, known as ARP spoofing and ARP poisoning. Read the rest of this entry »
Jun
19
Security was one of the first features for securing network ports. Access to the network via this address controlled. The MAC can access port to specific MAC addresses or a number of addresses to be limited.
In violation of a defined traffic rules can be filtered (violation protect or restrict) or the interface will be disabled (shutdown violation). Read the rest of this entry »
May
30
Static configuration:
It was performed manually by an administrator assigned to the respective ports VLANs. By default all ports belong to VLAN1 until the administrator change these settings.
Dynamic configuration:
The IOS Catalyst switches support dynamic configuration through a server belonging to VLAN (VMPS). The VMPS server can be a high end switch that is running an operating system based on set (CatOS). Read the rest of this entry »
Apr
25
Broadcast storms can easily disrupt entire networks. They spread a layer 2 broadcast domain on the inside out. This can flat networks the entire network to be in, or in modern networks, a VLAN. A broadcast storm can disturb Router (high CPU load) and thus lead beyond the boundaries of a VLAN to disturbances.
The typical pays for a broadcast tower is the little switch in the office or on the conference table. Is there a mistake loop (Loop patched), this switch to the traffic generator.
The red wire on the small 3Com switch creates a loop on the second Layer The switch floods by the central switches on the green cable with all the broadcasts, multicasts and unicasts an unknown recipient. Read the rest of this entry »
Mar
15
This article explains how to configure WAN protocols on a Layer 3 switch, covering both its operation and how this works in a WAN environment.
Layer 3 switching
The Layer 3 switching refers to a class of high-performance routers optimized for LANs or corporate intranets, can provide both switching and Ethernet services at wire speed. A Layer 3 switch router performs the following three main functions:
- Packet switching
- Processing route
- Intelligent Network Services
Mar
9
In a network, is not only important to monitor server performance, it is equally important to control devices such as switches and routers. The exhibition in this article will focus primarily switches, but similar techniques can be applied to other types of network hardware.
The problem of switch
When controlling the use of hardware, switches present a special problem. In the normal method for measuring the use of a network, a sniffer monitors data packets as they flow through the network. If the nodes are connected by a hub, you can put a sniffer on a port empty on that hub and monitor all traffic passing through it. This is because all nodes included one part of the hub share a common collision domain. When a node transmits a data packet, that packet is sent through the hub ports and is received by each device connected to the hub itself. Read the rest of this entry »
Aug
28
Storage and shipping:
The switch must receive the complete frame before sending it to the port. Read the destination MAC address, it checks the CRC (cyclic redundancy counter used in the frames sent to verify errors), applies the corresponding filter and relays. If the CRC is incorrect rule out the plot. The shipping delay or latency is usually higher because the switch must store the full story, check it and then send it to the corresponding segment.
Cutting Method:
The switch checks the destination MAC address received as the head of the plot, and immediately begins to send the frame. The disadvantage of this mode is that the switch might broadcast a network of collision or a frame with an incorrect CRC value, but very low latency. Read the rest of this entry »
Aug
20
For the initial configuration of the Switch using the console port connected to a console or rollover cable and RJ-45 to DB-9 COM1 port to connect to the computer. This must have a terminal emulation software such as HyperTerminal.
The configuration parameters are:
• The appropriate COM port
• 9600 baud
• 8 data bits
• No parity
• 1 stop bit
• No flow control Read the rest of this entry »
Apr
1
DHCP snooping is a security feature for filtering untrusted DHCP messages, and can protect clients on the network from peering up with an unauthorized DHCP server. When enabled, it builds a table of MAC address, IP address, lease time, binding type, and interface information .
There is also an important difference between trusted and untrusted interfaces when talking about DHCP snooping. . An untrusted interface is an interface that is configured to receive messages from outside the network or firewall. A trusted interface is an interface that is configured to receive only messages from within the network. Read the rest of this entry »
Mar
3
Introduction
This is an example of configuring a switch with three VLANs (VLAN1 default name VLAN10 VLAN20 faculty and student name). When you configure VLANs, you must know first that they are on separate broadcast domains, i.e., are separated from each network and not simply data-link, as if all hosts on different VLANs to be on a different interface a router, in fact, each VLAN is a network address or subnet different. So, for example, all hosts connected to VLAN10 faculty can communicate with each other, but not with the hosts VLAN20 student or with hosts connected to VLAN1.
Warning: because VLANs can communicate, you must put a router in such a way that routing protocols to handle communication between different VLANs. Read the rest of this entry »