For countermeasures for many of the attacks discussed in class, one great document with discussions and Cisco command syntax is the NSA's Cisco IOS Switch Security Configuration Guide.
During class a question on jumbo Ethernet frames (usually 9000 bytes) was asked. A jumbo frame uses EtherType 0x8870, as shown in this excerpt from tcpdump/ethertype.h:
#ifndef ETHERTYPE_JUMBO
#define ETHERTYPE_JUMBO 0x8870
#endif
Notice that 0x8870 is not listed in the official IANA assignment list.
I found this note which said some jumbo frames use EtherType 0x0800, but the application data is simply larger than normal (1500 bytes).
A question was asked regarding differences between Cat 5, Cat 5e, Cat 6, and Cat 7 cables. This article provides an overview. Wikipedia is also helpful, as long as no random user edits it to be incorrect.
On slide 133 I said "auto" is the default DTP mode on Cisco switches. I have seen conflicting news on this, with both my switch operating in "desirable" mode by default and Cisco documentation reporting "desirable" as the default. I recommend considering DTP mode "desirable" as the default, not auto. If any blog reader can confirm, I would appreciate it.
0 komentar:
Posting Komentar