From the course: Cisco Network Security: Secure Routing and Switching

Layer 3 attacks: Overview

From the course: Cisco Network Security: Secure Routing and Switching

Start my 1-month free trial

Layer 3 attacks: Overview

- [Instructor] The network layer, or layer three handles addressing and routing. Routers operate in layer three and some of the main functions of a router are path selection and packet forwarding. The protocols that are used in this layer include IP, Ipsec, and ICMP. Layer three, like any other layer in the OSI model, can suffer both active and passive attacks. Some layer three attacks are passive, such as sniffing or scanning. Which are done because of a need to discover information about a network. For example, we might see operating system fingerprinting using ICMP. There are several active attacks that could cripple a network. Routing table poisoning is a malicious change in the routing table of a router that can result in redirection of some or all network traffic and cause connectivity problems. IP spoofing is a technique a hacker uses to gain access to a system by modifying the packet header with a spoofed source IP address. Denial of service attacks, such as a ping flood, which can prevent the router from processing traffic and can affect the whole network. To prevent layer three attacks, the network administrator should implement security controls on multiple levels. Such as using a firewall to filter inbound and outbound traffic, along with strong access controls. In addition, routers are essential in any organization. Take steps to secure the control plane. Configure privilege levels and IOS role-based command line interface access, and provide routing update authentication.

Contents