
CCNP Security Secure 642-637 Quick Reference: Cisco Layer 2 Security

Contents

  1. Types of Layer 2 Attacks
  2. CAM Overflow
  3. VLAN Hopping
  4. MAC Spoofing

Chapter Description

The availability of dedicated Layer 2 attack tools makes it necessary to defend against possible attack by implementing the features that Cisco offers within IOS Software. This chapter describes the main types of Layer 2 attacks and how to defend against them.

A lot of attention is paid to securing the higher layers of the OSI reference model with network-level devices such as firewalls, intrusion protection systems (IPS), and applications such as antivirus and host-based intrusion protection (HIPS).

Layer 2 attacks occur, as you would expect, at Layer 2 of the OSI model. We know that switching operates at Layer 2; therefore, most of these attacks need to be mitigated in the switches you deploy in your network.

Layer 2 attacks are often overlooked when designing a network security solution; it is quite normal to find Layer 2 networks with no protection whatsoever. The availability of dedicated Layer 2 attack tools makes it necessary to defend against possible attack by implementing the features that Cisco offers within IOS Software.

One of the best tools for testing Layer 2 security is Yersinia, which is freely available from http://www.yersinia.net/ and is included in the BackTrack 4 security distribution.

Types of Layer 2 Attacks

This section covers several types of Layer 2 attacks and explains how to mitigate each of them by implementing the correct control in Cisco IOS.

Following are the main types of Layer 2 attacks:

  • CAM overflow
  • VLAN hopping
  • MAC spoofing
  • Private VLAN attacks
  • DHCP attacks