From the course: Cisco Network Security: Secure Routing and Switching
Layer 3 attacks: Overview
From the course: Cisco Network Security: Secure Routing and Switching
Layer 3 attacks: Overview
- [Instructor] The network layer, or layer three handles addressing and routing. Routers operate in layer three and some of the main functions of a router are path selection and packet forwarding. The protocols that are used in this layer include IP, Ipsec, and ICMP. Layer three, like any other layer in the OSI model, can suffer both active and passive attacks. Some layer three attacks are passive, such as sniffing or scanning. Which are done because of a need to discover information about a network. For example, we might see operating system fingerprinting using ICMP. There are several active attacks that could cripple a network. Routing table poisoning is a malicious change in the routing table of a router that can result in redirection of some or all network traffic and cause connectivity problems. IP spoofing is a technique a hacker uses to gain access to a system by modifying the packet header with a spoofed source IP address. Denial of service attacks, such as a ping flood, which can prevent the router from processing traffic and can affect the whole network. To prevent layer three attacks, the network administrator should implement security controls on multiple levels. Such as using a firewall to filter inbound and outbound traffic, along with strong access controls. In addition, routers are essential in any organization. Take steps to secure the control plane. Configure privilege levels and IOS role-based command line interface access, and provide routing update authentication.
Contents
-
-
-
-
Layer 3 attacks: Overview1m 57s
-
(Locked)
Secure the control plane3m 9s
-
(Locked)
Examine privilege levels3m 29s
-
(Locked)
Assign privilege levels5m 25s
-
(Locked)
Configure IOS role-based CLI access3m 53s
-
(Locked)
Implement IOSR Resilient Configuration2m 24s
-
(Locked)
Routing update authentication2m 45s
-
(Locked)
Challenge: EIGRP authentication1m 3s
-
(Locked)
Solution: EIGRP authentication2m 43s
-
-
-
-
-