Layer 2 can be a very weak link. Take steps to defend against MAC attacks, MAC spoofing, CDP attacks, and STP attacks by configuring the switch to defend itself.
- [Narrator] Layer Two, or the Data Link,…can fall victim to a number of different type of attacks:…a macof attack, MAC spoofing,…Cisco Discovery Protocol attack,…or Spanning Tree Protocol attack.…Layer Two can be a very weak link and if attacked,…any higher layers are most likely affected,…and that will include your users.…Best practice is to take steps to protect…against these types of attacks.…On a switch, to protect against a Macof Attack,…the network administrator should use…switchport port security.…
This limits the number of MAC addresses…connecting to a single port on a switch.…On a Cisco switch, this is very easy to configure.…We would first say switchport mode access…and that would set the interface mode as access,…if it isn't already.…Then we would assign port-security,…and then we would say enable sticky MAC.…A sticky MAC allows only MAC addresses…that are dynamically assigned…or administratively added to stick to the port.…
This tells us what would happen if there was a violation…and Cisco suggests you shut down the port.…
Note: The topics in this course will prepare you for key objectives on the Certified Ethical Hacker exam. Find an overview of the certification and the exam handbook at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Sniffing network traffic
- Passive vs. active attacks
- Comparing IPv4 to IPv6
- MAC and macof attacks
- Investigating DHCP attacks
- Detecting ARP and DNS spoofing
- Sniffing tools and techniques
Skill Level Beginner
1. Sniffing Overview
2. MAC Attacks
6. Sniffing Tools and Techniques
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.