Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Managed switches outside firewalls?

from [Bryan S. Sampsel] Network Security [Permanent Link]
Subject: Re: Managed switches outside firewalls?
Date: Wed, 30 May 2007 12:56:00 -0600 (MDT) 
For starters, if you don't use the default VLAN configuration, you
mitigate VLAN attacks.  Basically, if you leave your DEFAULT VLAN to 1,
you're asking for injection attacks.

Secondly, configure two VLANs, one that your "public" stuff sits on and
one that can be used for management.  Now, if you want some extra
protection, put the management interface on a separate DMZ port of your
firewall.  This way, you can limit who can even get to that interface
before attempts hit the switch.  The advantage of this is also that if
someone does successfully jump VLANs, you still have a firewall out there
to protect your network.

And yes, there are advantages to managing your switch.  First, the managed
switches are often higher quality.  Second, you can adjust
port-speed/duplex issues if your server has problems with auto-negotiate
on an unmanaged switch.  While this is less common now, it does crop up
from time to time.  Third, if you implemented, say, a Foundry Networks
switch, you can use SFLOW to monitor traffic flows/levels and use the data
for everything from security/intrusion issues to performance benchmarks.

Good luck.

Sincerely,

Bryan S. Sampsel
LibertyActivist.org
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: Attacking a machine on network., sandeep . sandhu . in
Next by Date:  Re: Forensic tool to recommend?, Richard Lane
Previous by Thread:  Re: Managed switches outside firewalls?, Hari Sekhon
Next by Thread:  RE: Managed switches outside firewalls?, ragdelaed
Indexes:  [Date] [Thread] [Top] [All Lists]