Network Design Flashcards
MAC Flooding
An attacker floods a switch with frames carrying thousands of bogus source MAC addresses until the switch's MAC address (CAM) table is full and it can learn no more entries
Switches can fail-open when flooded and begin to act like a hub: frames for destinations the switch no longer knows are sent out every port, so the attacker can sniff traffic meant for other hosts on the same VLAN
Mitigation: port security (limit the number of MAC addresses a port may learn, and drop frames or shut the port when the limit is exceeded)
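To make the fail-open behaviour concrete, here is an added example (not from the original flashcards) that models a switch's CAM table in plain Python: a tiny table so the flood fills it quickly, the hub-like flooding of unknown destinations once it is full, and the port-security limit that stops it. Port names, MAC addresses, the table size and the per-port limit are all assumptions.

```python
# Added example (not from the original page): a toy model of a switch's MAC
# (CAM) table that shows why a MAC flood makes the switch fail-open, and how
# port security limits it. Table size, port names and MACs are assumptions.

CAM_CAPACITY = 8          # assumed tiny table so the flood fills it quickly
MAX_MACS_PER_PORT = 2     # assumed port-security limit

class Switch:
    def __init__(self, ports, capacity=CAM_CAPACITY, max_per_port=None):
        self.ports = list(ports)
        self.capacity = capacity
        self.max_per_port = max_per_port   # None = no port security
        self.cam = {}                      # source MAC -> port it was seen on
        self.violations = []               # (port, mac) rejected by port security

    def learn(self, src_mac, in_port):
        """Record src_mac on in_port; return what happened."""
        if src_mac in self.cam:
            return "known"
        if self.max_per_port is not None:
            on_port = sum(1 for p in self.cam.values() if p == in_port)
            if on_port >= self.max_per_port:
                self.violations.append((in_port, src_mac))
                return "violation"
        if len(self.cam) >= self.capacity:
            return "full"          # table exhausted: nothing new can be learned
        self.cam[src_mac] = in_port
        return "learned"

    def forward(self, src_mac, dst_mac, in_port):
        """Return the list of egress ports for a frame."""
        if self.learn(src_mac, in_port) == "violation":
            return []              # port security drops the offending frame
        out = self.cam.get(dst_mac)
        if out is None or out == in_port:
            # destination unknown: flood out every other port, exactly like a hub
            return [p for p in self.ports if p != in_port]
        return [out]

def bogus_mac(i):
    """Deterministic fake source MAC for the flood (locally administered OUI)."""
    return f"02:00:00:00:{(i >> 8) & 0xff:02x}:{i & 0xff:02x}"

def run_scenario(port_security):
    """Return (ports that receive Alice's reply to Carol, number of port-security violations)."""
    sw = Switch(ports=["Gi1", "Gi2", "Gi3"],
                max_per_port=MAX_MACS_PER_PORT if port_security else None)
    alice, bob, carol = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:03"
    # normal traffic: the switch learns Alice on Gi1 and Bob on Gi2
    sw.forward(alice, bob, "Gi1")
    sw.forward(bob, alice, "Gi2")
    assert sw.forward(alice, bob, "Gi1") == ["Gi2"]   # known destination: unicast only
    # attacker on Gi3 floods frames with 50 different fake source MACs
    for i in range(50):
        sw.forward(bogus_mac(i), "ff:ff:ff:ff:ff:ff", "Gi3")
    # Carol (a new host, or one whose entry aged out) appears on Gi2
    sw.forward(carol, alice, "Gi2")
    # With a full table the switch cannot learn Carol, so Alice's unicast reply
    # is flooded and the attacker on Gi3 receives a copy.
    return sw.forward(alice, carol, "Gi1"), len(sw.violations)
```

Without port security the reply to Carol leaves on both Gi2 and Gi3, so the attacker gets it; with the per-port limit the flood is cut off after two learned addresses, the table never fills, and the reply goes to Gi2 only. On real switches the same effect relies on CAM ageing, which is why the flood has to be sustained.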
MAC Spoofing
A MAC spoofing attack is where the intruder sniffs the network for valid MAC addresses and sets their own interface to one of them, so that switch port filters, ACLs or DHCP reservations treat their traffic as coming from the legitimate host
Mitigations:
Limit the MAC addresses accepted on each port (port security with statically configured or sticky MAC addresses)
Limit how long ARP cache entries live on hosts, so a poisoned or spoofed mapping does not persist once the attacker stops sending
Conduct Dynamic ARP Inspection (DAI): the switch checks the sender MAC/IP in each ARP packet against the DHCP snooping binding table and drops packets that do not match
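The ARP inspection check described above, as an added example that is not part of the original flashcards: a small DAI-style validator that compares each ARP packet's sender MAC and IP against a DHCP snooping binding table. The bindings, the trusted uplink port and the sample packets are constructed for the example; the logic models what DAI does and is not any vendor's code.

```python
# Added example (not from the original page): a Dynamic ARP Inspection style
# check. The DHCP snooping binding table, trusted port list and packets below
# are constructed; the logic models what DAI does, not any vendor's code.
from dataclasses import dataclass

@dataclass(frozen=True)
class Binding:           # one DHCP snooping binding: who legitimately has which IP, where
    mac: str
    ip: str
    vlan: int
    port: str

@dataclass(frozen=True)
class ArpPacket:
    in_port: str
    vlan: int
    eth_src: str         # Ethernet source address
    sender_mac: str      # ARP sender hardware address
    sender_ip: str       # ARP sender protocol address

BINDINGS = (
    Binding("aa:aa:aa:aa:aa:01", "10.0.1.10", 10, "Gi1"),
    Binding("aa:aa:aa:aa:aa:02", "10.0.1.20", 10, "Gi2"),
)
TRUSTED_PORTS = {"Gi24"}   # uplink towards the DHCP server; not inspected

def inspect_arp(pkt, bindings=BINDINGS, trusted=TRUSTED_PORTS):
    """Return (verdict, reason) for one ARP packet."""
    if pkt.in_port in trusted:
        return "permit", "trusted port, not inspected"
    eth_src, sender_mac = pkt.eth_src.lower(), pkt.sender_mac.lower()
    if eth_src != sender_mac:
        return "drop", "Ethernet source MAC differs from ARP sender MAC"
    match = next((b for b in bindings if b.mac == sender_mac and b.vlan == pkt.vlan), None)
    if match is None:
        return "drop", "sender MAC has no DHCP snooping binding in this VLAN"
    if match.ip != pkt.sender_ip:
        return "drop", f"sender IP {pkt.sender_ip} does not match binding {match.ip}"
    if match.port != pkt.in_port:
        return "drop", f"binding is on {match.port} but packet arrived on {pkt.in_port}"
    return "permit", "sender MAC/IP match the binding"

# Constructed traffic: one legitimate reply, three attacker attempts from Gi3,
# and one packet from the trusted uplink.
SAMPLE_PACKETS = [
    ArpPacket("Gi1", 10, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:01", "10.0.1.10"),  # legitimate
    ArpPacket("Gi3", 10, "aa:aa:aa:aa:aa:03", "aa:aa:aa:aa:aa:03", "10.0.1.20"),  # ARP poison: own MAC, Bob's IP
    ArpPacket("Gi3", 10, "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:02", "10.0.1.20"),  # MAC spoof: Bob's MAC and IP
    ArpPacket("Gi3", 10, "aa:aa:aa:aa:aa:03", "aa:aa:aa:aa:aa:02", "10.0.1.20"),  # mismatched headers
    ArpPacket("Gi24", 10, "cc:cc:cc:cc:cc:01", "cc:cc:cc:cc:cc:01", "10.0.1.1"),  # trusted uplink
]

def run_inspection(packets=SAMPLE_PACKETS):
    """Verdict for each packet, in order."""
    return [inspect_arp(p)[0] for p in packets]
```

Note the third packet: the attacker has copied Bob's MAC and IP exactly, so a check on the MAC/IP pair alone would pass it. What catches it is that the binding was learned on Gi2 and the packet arrived on Gi3, which is why DAI is only as good as the snooping table and port assignments behind it.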
De-Militarized Zone - DMZ
A network segment isolated from the rest of a private network by one or more firewalls
A physical or logical subnet that separates a local area network (LAN) from untrusted networks such as the Internet; public-facing services (web, mail, DNS) are placed here rather than on the LAN
Hosts on the internal LAN are not directly reachable from the outside: the outside network can only see the DMZ hosts, and traffic from the DMZ into the LAN is itself restricted by the inner firewall, so a compromised DMZ host does not get free access to the LAN
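One way to express the DMZ layout above as a filtering policy, as an added example that is not from the original flashcards: a three-zone, default-deny rule set evaluated against constructed flows. The zone prefixes, host addresses, ports and rules are assumptions, and return traffic is assumed to be handled by a stateful firewall rather than by extra rules.

```python
# Added example (not from the original page): a three-zone, default-deny
# filtering policy for a DMZ layout, evaluated against constructed flows.
# Zone prefixes, hosts, ports and the rule set are assumptions; return
# traffic is assumed to be handled by a stateful firewall.
import ipaddress
from dataclasses import dataclass
from typing import Optional

ZONES = {
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
    "lan": ipaddress.ip_network("10.0.0.0/8"),
}

def zone_of(ip):
    """Classify an address; anything outside the DMZ and LAN prefixes is 'internet'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"

@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    proto: str                      # "tcp", "udp" or "any"
    dport: Optional[int]            # None = any port
    action: str                     # "allow" or "deny"
    dst_host: Optional[str] = None  # optionally pin the rule to one destination

# Evaluated top to bottom, first match wins; no match falls through to deny.
RULES = [
    Rule("internet", "dmz", "tcp", 443, "allow"),                    # public web front end only
    Rule("dmz", "lan", "tcp", 5432, "allow", dst_host="10.0.5.10"),  # web tier -> one DB host only
    Rule("dmz", "lan", "any", None, "deny"),                         # nothing else from the DMZ inward
    Rule("lan", "dmz", "any", None, "allow"),                        # users and admins reach DMZ services
    Rule("lan", "internet", "any", None, "allow"),                   # outbound browsing
]

def decide(src_ip, dst_ip, proto, dport):
    """Return 'allow' or 'deny' for a new flow. There is no rule with
    internet as source and lan as destination, so the LAN is invisible
    from outside purely through the default deny."""
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    for r in RULES:
        if (r.src_zone, r.dst_zone) != (src_zone, dst_zone):
            continue
        if r.proto != "any" and r.proto != proto:
            continue
        if r.dport is not None and r.dport != dport:
            continue
        if r.dst_host is not None and r.dst_host != dst_ip:
            continue
        return r.action
    return "deny"    # default deny is the security-relevant part
```

The check a practitioner wants here is the DMZ-to-LAN direction: the web host may reach one database port on one host and nothing else, so a compromised web server cannot scan or pivot into the LAN.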
Extranet
A segment created for your partner organizations to access over a wide area network (for example a supplier or customer portal); access is limited to the authenticated partner, not the public
Intranets are used when only one company is involved (internal users only)
Bastion Hosts
Hardened hosts or servers placed in the DMZ and exposed to the untrusted network; they run only the service they exist to provide and none of the services used on the local network, and everything unneeded is removed so there is as little as possible to attack
Jumpbox
A server that provides administrative access to other hosts within the DMZ
An administrator connects to the jumpbox and the jumpbox connects to the hosts in the DMZ, so the DMZ hosts never need to accept administrative connections from anywhere else, and every admin session passes through one hardened, logged chokepoint
Network Access Control - NAC
Devices are scanned to determine their current state (posture: OS patch level, anti-virus status, required configuration) before being allowed access onto a given network; non-compliant devices are denied or placed in a quarantine network until they are fixed
NAC: Persistent Agents
A piece of software installed permanently on the device's OS; it checks whether an endpoint that wants access is trusted, has the latest anti-virus software and so on, and can keep re-checking for as long as the device stays connected
NAC: Non-Persistent Agents
A piece of software that is not installed in the OS: it is downloaded (for example from a web portal), scans the device, and is removed after the scan; also called a dissolvable agent
Why use a VLAN
Allows you to take one physical switch and break it up into smaller logical switches, each its own broadcast domain; traffic between VLANs must pass through a router or layer-3 device, where it can be filtered
VLANs: Switch Spoofing
The attacker configures their device to pretend it is a switch (for example by sending DTP frames) and uses it to negotiate a trunk link with the real switch; a trunk carries every VLAN, so the attacker can send and receive traffic in VLANs they were never assigned, breaking out of their own VLAN
Mitigation: put user-facing ports in access mode and disable DTP negotiation on them (switchport mode access and switchport nonegotiate on Cisco IOS)
VLANs: Double Tagging (attack)
The attacker's port is in the same VLAN as the native VLAN of an 802.1Q trunk; no trunk negotiation is needed, which is what distinguishes this from switch spoofing. The attacker sends a frame carrying two 802.1Q tags: the outer tag set to the native VLAN and the inner tag set to the victim's VLAN. When the first switch forwards the frame over the trunk, frames belonging to the native VLAN are sent untagged, so it strips the outer tag and the inner tag becomes the only tag. The next switch reads that tag and delivers the frame into the victim's VLAN.
The attack is one-way: the victim's replies cannot come back the same way, so it is used to inject traffic (for example a DoS payload), not for two-way sessions
Mitigation: set the native VLAN on trunks to an unused VLAN ID that no access port belongs to, or tag the native VLAN on trunks (vlan dot1q tag native on Cisco IOS)
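To show the double-tagging mechanism at the byte level, here is an added example that is not from the original flashcards. It builds real 802.1Q-tagged Ethernet frames with struct, then models the three hops the attack crosses (attacker's access port, trunk egress on the first switch, trunk ingress on the second) and both mitigations. The access port is assumed to accept a frame tagged with its own VLAN and strip that tag, which is the behaviour the attack description relies on; port VLAN numbers and MAC addresses are assumptions.

```python
# Added example (not from the original page): 802.1Q double tagging at the
# byte level, with the two standard mitigations. Frame builder and switch
# behaviour are a simplified model; VLAN numbers and MACs are assumptions.
import struct

TPID = 0x8100   # 802.1Q tag protocol identifier

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def build_frame(dst, src, vids, ethertype=0x0800, payload=b"\x00" * 46):
    """Ethernet frame with zero or more 802.1Q tags, outermost first."""
    hdr = mac_bytes(dst) + mac_bytes(src)
    for vid in vids:
        hdr += struct.pack("!HH", TPID, vid & 0x0FFF)   # PCP=0, DEI=0, 12-bit VID
    return hdr + struct.pack("!H", ethertype) + payload

def vlan_tags(frame):
    """List of VIDs carried by the frame, outermost first."""
    vids, off = [], 12
    while off + 4 <= len(frame) and struct.unpack_from("!H", frame, off)[0] == TPID:
        vids.append(struct.unpack_from("!H", frame, off + 2)[0] & 0x0FFF)
        off += 4
    return vids

def strip_outer_tag(frame):
    return frame[:12] + frame[16:]

def add_outer_tag(frame, vid):
    return frame[:12] + struct.pack("!HH", TPID, vid & 0x0FFF) + frame[12:]

def access_ingress(frame, access_vlan):
    """Access port: an untagged frame gets the port's VLAN. A frame tagged with
    the port's own VLAN is accepted and that tag removed (assumed behaviour);
    any other tag is dropped. Returns (vlan, frame) or (None, None)."""
    tags = vlan_tags(frame)
    if not tags:
        return access_vlan, frame
    if tags[0] == access_vlan:
        return access_vlan, strip_outer_tag(frame)
    return None, None

def trunk_egress(vlan, frame, native_vlan, tag_native=False):
    """First switch puts the frame on the trunk: native-VLAN frames go untagged
    unless the trunk is configured to tag its native VLAN; others get a tag."""
    if vlan == native_vlan and not tag_native:
        return frame                 # whatever tag the attacker left inside is now outermost
    return add_outer_tag(frame, vlan)

def trunk_ingress(frame, native_vlan):
    """Second switch: VLAN is the outermost tag, or the native VLAN if untagged."""
    tags = vlan_tags(frame)
    return tags[0] if tags else native_vlan

def double_tag_attack(native_vlan, attacker_port_vlan, victim_vlan, tag_native=False):
    """VLAN in which the second switch delivers the attacker's frame, or None if dropped."""
    frame = build_frame("ff:ff:ff:ff:ff:ff", "aa:aa:aa:aa:aa:03",
                        vids=[attacker_port_vlan, victim_vlan])
    vlan, frame = access_ingress(frame, attacker_port_vlan)
    if vlan is None:
        return None
    on_wire = trunk_egress(vlan, frame, native_vlan, tag_native)
    return trunk_ingress(on_wire, native_vlan)
```

With the native VLAN equal to the attacker's port VLAN the frame lands in the victim's VLAN; moving the native VLAN to an unused ID, or tagging the native VLAN, keeps the frame in the attacker's own VLAN, where the inner tag is just payload. An attacker whose port is not in the native VLAN never gets the outer tag stripped in the first place.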
Benefits of Subnetting
Efficient use of IP addresses
Reduced broadcast traffic (each subnet is its own broadcast domain)
Reduced collisions (only on legacy shared media; on a switched network each port is already its own collision domain)
Compartmentalized: hosts are grouped so that traffic between groups has to cross a router
A subnet's policies (ACLs, firewall rules) and monitoring can aid in the security of your network, because the router between subnets is a natural place to filter and log
Network Address Translation - NAT
NAT is a process in which one or more local (private) IP addresses are translated into one or more global (public) IP addresses, and back again for the return traffic, to give local hosts Internet access
It allows multiple devices to access the Internet through a single public address; to achieve this, each private source IP address is translated to the public IP address on the way out and the reply is translated back on the way in
PAT - Port Address Translation
Port Address Translation (also called NAT overload) permits multiple devices on a LAN to be mapped to a single public IP address by also rewriting the source port: each outbound flow gets a distinct public port, and the translator uses that port to deliver replies to the right inside host
A side effect is that unsolicited inbound packets have no mapping and are dropped, but NAT is not a substitute for a firewall
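The PAT mechanism described above, as an added example that is not part of the original flashcards: a minimal translation table with one public address that allocates a distinct public port per outbound flow, maps replies back to the inside host, and drops unsolicited inbound packets. The public address, inside hosts, port range and packets are constructed for the example.

```python
# Added example (not from the original page): a minimal PAT (NAT overload)
# translation table. One public IP; each outbound flow gets its own public
# source port, replies are mapped back, and inbound packets with no mapping
# are dropped. Addresses, port range and packets are constructed.
from dataclasses import dataclass
import itertools

PUBLIC_IP = "203.0.113.7"      # assumed single public address

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"

class PatTable:
    def __init__(self, public_ip=PUBLIC_IP, port_range=(1024, 65535)):
        self.public_ip = public_ip
        self.port_range = port_range
        self.next_port = itertools.cycle(range(*port_range))
        self.outbound = {}   # (proto, private ip, private port) -> public port
        self.inbound = {}    # (proto, public port) -> (private ip, private port)

    def allocate_port(self, proto):
        """Pick an unused public port; each inside flow needs its own."""
        for _ in range(self.port_range[1] - self.port_range[0]):
            port = next(self.next_port)
            if (proto, port) not in self.inbound:
                return port
        raise RuntimeError("public port pool exhausted")

    def translate_outbound(self, pkt):
        """Rewrite the source of a packet leaving the LAN, creating a mapping if needed."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        if key not in self.outbound:
            public_port = self.allocate_port(pkt.proto)
            self.outbound[key] = public_port
            self.inbound[(pkt.proto, public_port)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, self.outbound[key], pkt.dst_ip, pkt.dst_port, pkt.proto)

    def translate_inbound(self, pkt):
        """Rewrite the destination of a packet arriving at the public address;
        None means there is no mapping and the packet is dropped."""
        if pkt.dst_ip != self.public_ip:
            return None
        target = self.inbound.get((pkt.proto, pkt.dst_port))
        if target is None:
            return None      # unsolicited: no inside host to deliver to
        return Packet(pkt.src_ip, pkt.src_port, target[0], target[1], pkt.proto)

def demo():
    """Two inside hosts that happen to use the same source port share one public IP."""
    table = PatTable()
    a = table.translate_outbound(Packet("192.168.1.10", 40000, "93.184.216.34", 443))
    b = table.translate_outbound(Packet("192.168.1.11", 40000, "93.184.216.34", 443))
    reply = table.translate_inbound(Packet("93.184.216.34", 443, PUBLIC_IP, a.src_port))
    probe = table.translate_inbound(Packet("198.51.100.9", 12345, PUBLIC_IP, 22))
    return a, b, reply, probe
```

The two inside hosts both chose source port 40000, which is exactly the collision PAT has to resolve by handing out different public ports. The inbound probe to port 22 has no entry and is dropped, which is the behaviour people mean when they say NAT hides the inside hosts; it says nothing about traffic that does match an existing mapping, so an inside host that opens a connection is reachable by whoever it connected to.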
Telephony
Term used to describe devices that provide voice communication to users (PBX systems, VoIP phones and gateways); in a network design, voice traffic is normally placed in its own VLAN so it can be prioritized and kept separate from data traffic