
LAN Switch Security: What Hackers Know About Your Switches

Book details

Category: Security
Edition: 1
ISBN: 1587052563, 9781587052569
Publisher: Cisco Press
Year of publication: 2007
Number of pages: 361
Language: English
File format: PDF (converted to PDF, EPUB or AZW3 on user request)
File size: 3 MB

Book price (Toman): 31,000





Book description (in the original language)

I have been promoting the need to protect access to local network infrastructures (against the insider threat) for so many years that I'm even tired of sending the same message again and again these days, but I do not give up. I never understood why if we require authentication to each and every technology resource, such as your computer operating system, servers, databases, applications, and even physical facilities, why this has not been the case to access the network. Still today, lots of local networks from big companies and organizations are "free", that is, if the attacker gets physical access to an Ethernet port (RJ-45 connector) he is in! (the network). This is one of the attacker's dreams, and we can simply mitigate this threat through the 802.1X protocol. The expansion of wireless networks has helped a lot to promote it, but still it must be applied to most wired networks out there. 802.1X is just one of the multiple additions you can make to your layer 2 security stance in order to protect the local (layer 2) network infrastructure from several attacks. Definitely, you need to stop thinking about IP (layer 3) attacks only, and move one level down. Honestly, one of the layer 2 attacks that works 99% of the time I'm running an internal penetration test is ARP spoofing or poisoning. I tried to emphasize the impact of this attack and the associated defenses on my first GIAC paper for the Incident Handler (GCIH) certification in 2003, "Real World ARP Spoofing". The book covers most of the vulnerabilities, design flaws, and security holes associated with the layer 2 protocols we currently and extensively use on our networks, such as MAC flooding and spoofing attacks, and STP, VLAN, DHCP, ARP, PoE, HSRP, VRRP, CDP, VTP, LAP and even layer-2 IPv6 related attacks.
However, and starting with the minimum privilege principle (if you don't need it, why is it enabled?), the main focus of this book (and especially Part I) is to provide the reader with the knowledge and specific details to detect these attacks and protect the network and network devices (mainly switches) against all these threats. For each protocol and attack it describes the proper settings for a secure implementation. Part II of the book focuses on Denial of Service (DoS and DDoS) attacks on layer 2 devices and provides an excellent overview of switch architectures, internal implementation details (mainly Cisco focused), the relationships between the Control Plane and the Data Plane, the protocols each layer deals with, and the security implications on the internal operation of switches. If you want to know how your switches really work and the security implications of enabling/disabling certain capabilities, this is the section of the book you must read. Part III then provides an introduction to more advanced access control options, through multiple ACL types, and layer-2 authentication (802.1X). It's a good introduction to go deeper into serious layer-2 access control and authentication projects and deployments. Simplifying the threat, the attackers have a single tool (in fact they have multiple but this is THE tool) to do real damage at layer 2, Yersinia, co-developed by a Spanish security colleague, David. We, as defenders, need to properly design and deploy all the layer 2 technologies and protocols considering the security implications of their presence on the network. Fortunately enough, the countermeasures available to mitigate layer 2 risks are available in some current network devices, mainly switches. BTW, I encourage you to use the attack tools, like Yersinia, to audit your network. Some of the book's countermeasures are trivial to apply, while some others require very carefully thought-out planning.
The book provides the guidance you need to start accomplishing the goal of getting a definitive layer 2 protected network by exposing the complexity, advantages and disadvantages of each solution. The book is structured in small, easy to read chapters that describe each of the technologies analyzed and its operation, the security issues and attack examples, and the detection and protection mechanisms you need to apply, straight to the most relevant implementation details. It also includes practical examples and describes multiple scenarios where each countermeasure can be applied, as well as the main decision factors to apply it in a given way. If you are busy (and who is not these days?), I recommend that you select a layer 2 protocol or technology you are using, select the appropriate chapter (a 30-45 minute read at most), and start planning and applying the related security best practices. You can repeat this chapter selection process every couple of weeks, and in 2-3 months your network will be what I would like to see on all my customers. The book allows network administrators and infosec professionals to independently digest any of the chapters and start protecting the associated technology. Obviously, the main goal should be to apply all the book recommendations to your infrastructure in the short-mid term. Unfortunately, not all the countermeasures mentioned are available in all switches; there is still a lot of work to be done by the vendors to implement all of them. The book opens the doors to a whole set of layer-2 threats, but it is not a complete guide to implement all the related protections, nor a command documentation book. It is up to the reader to check his switch documentation (Cisco or others) to get the full syntax details and multiple options for each of the countermeasures detailed.
If you have managed Cisco devices, you know syntax also changes between IOS/CatOS versions, so I prefer this approach rather than a detailed syntax compendium that may be unusable on my specific IOS/CatOS version. Even though this is a Cisco Press book, and obviously it is focused on the current solutions available from Cisco, it is fair to admit that Cisco is leading the networking market and includes some of the most advanced layer 2 protection mechanisms in its switches, such as port security, UUFP, root and BPDU guard, BPDU filtering and rate-limiting, VLAN and layer-2 protocols best practices, DHCP snooping, DHCP rate-limiting and validation, IP source guard, DAI (Dynamic ARP Inspection), PoE defenses, HSRP and VRRP strong authentication, 802.1X, and lots of ACL types: RACL, VACL, PACL, etc. Therefore, as this is the way to go, other vendors (if they do not already have these) should provide similar protection capabilities on their layer 2 network devices. I especially liked how the book ends up (Part IV) covering LinkSec, 802.1AE and 802.1af, future standards that will finally provide confidentiality and integrity at layer 2 at wire-speeds, similarly to what we have today in wireless networks with 802.11i (WPA and WPA2). Why don't you start checking if these standards are supported by your endpoints (clients, servers, printers, VoIP phones, etc) and network devices? The sooner we use it, the better. The only portion missing from the book IMHO is the inclusion of layer 2 QoS protocols, such as 802.1p. Apart from that, chapter 1 is a light intro to security. If you have been in the field for a while, you can directly jump over it. I think it could have been omitted. Before reading this book, I had an extensive previous experience on layer 2 security, switches, layer 2 penetration testing, and layer 2 network security architectures and design, and I really enjoyed the book, especially its practical focus, broad scope on layer 2 issues, the format and examples.
If you are a penetration tester, I'm sure you will get a few ideas too for your next challenge, and you can easily apply them as most attack tools are publicly available and included on the latest Backtrack 3 version. Definitely, if you are a network security professional or network administrator in any way, shape or form, this book must be on your shelves. Full review: http://radajo.blogspot.com/2008/07/security-book-review-lan-switch.html



Table of contents

Cover
Contents
Introduction
Part I: Vulnerabilities and Mitigation Techniques
Security Triad
Risk Management
Access Control and Identity Management
Cryptography
References
Back to Basics: Ethernet Switching 101
Exploiting the Bridging Table: MAC Flooding Attacks
MAC Flooding Alternative: MAC Spoofing Attacks
Preventing MAC Flooding and Spoofing Attacks
Summary
References
Introducing Spanning Tree Protocol
Let the Games Begin!
Summary
References
IEEE 802.1Q Overview
Understanding Cisco Dynamic Trunking Protocol
Understanding Cisco VTP
References
DHCP Overview
Attacks Against DHCP
Countermeasures to DHCP Exhaustion Attacks
DHCP Snooping Against IP/MAC Spoofing Attacks
References
Back to ARP Basics
ARP Spoofing Attack
Mitigating an ARP Spoofing Attack
Mitigating Other ARP Vulnerabilities
References
Introduction to IPv6
Analyzing Risk for ND and Stateless Configuration
Mitigating ND and RA Attacks
Here Comes Secure ND
References
Introduction to PoE
Risk Analysis for PoE
Mitigating Attacks
References
HSRP Mechanics
Attacking HSRP
Mitigating HSRP Attacks
References
Discovering VRRP
Mitigating VRRP Attacks
References
Cisco Discovery Protocol
IEEE Link Layer Discovery Protocol
VLAN Trunking Protocol
Link Aggregation Protocols
References
Part II: How Can a Switch Sustain a Denial of Service Attack?
How Does a DoS Attack Differ from a DDoS Attack?
Initiating a DDoS Attack
DoS and DDoS Attacks
Attacking LAN Switches Using DoS and DDoS Attacks
Reference
Chapter 13 Control Plane Policing
Securing the Control Plane on a Switch
Implementing Hardware-Based CoPP
Implementing Software-Based CoPP
Mitigating Attacks Using CoPP
References
Configuring Switches Without Control Plane Protocols
Summary
Detecting DoS with NetFlow
Securing Networks with RMON
Other Techniques That Detect Active Worms
References
Part III: Using Switches to Augment the Network Security
Chapter 16 Wire Speed Access Control Lists
ACLs or Firewalls?
Protecting the Infrastructure Using ACLs
RACL, VACL, and PACL: Many Types of ACLs
Technology Behind Fast ACL Lookups
Summary
Foundation
Basic Identity Concepts
Discovering Extensible Authentication Protocol
Exploring IEEE 802.1X
802.1X Security
Working with Multiple Devices
Working with Devices Incapable of 802.1X
Policy Enforcement
Summary
References
Part IV: What Is Next in LAN Security?
Enterprise Trends and Challenges
Matters of Trust
Road to Encryption: Brief History of WANs and WLANs
Link Layer Security: IEEE 802.1AE/af
Security Landscape: LinkSec’s Coexistence with Other Security Technologies
End-to-End Versus Hop-by-Hop LAN-Based Cryptographic Protection
Summary
References
Appendix: Combining IPsec with L2TPv3 for Secure Pseudowire