Scribd Logo
Cargar

¡Te damos la bienvenida a Scribd!

  • Port Security

    Cargado por

    Luong Vu Huy
    136 vistas3 páginas

    Derechos de autor

    © Attribution Non-Commercial (BY-NC)

    Formatos disponibles

    DOCX, PDF, TXT o lea en línea desde Scribd

    ¿Le pareció útil este documento?

    ¿Este contenido es inapropiado?

    Denunciar este documento

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Descargue como DOCX, PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    136 vistas3 páginas

    Port Security

    Cargado por

    Luong Vu Huy

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Descargue como DOCX, PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    de 3

    1/ Gii thiu Bn l 1 QTM, v bn nm r thit b no c ni vo cng no trn Switch, tng lai bn mun cc cng s c s dng nh th no.

    . Khi , tnh nng Port Secutiry s gip bn 1 s vn sau: - Gii hn cho 1 cng ch c s dng bi 1 (hoc nhiu) thit b. VD: bn mun cng Fa0/1 ch chp nhn cc frame n t thit b c MAC Address l 0202.1111.1111 iu ny gip gim thiu 1 s nguy c mng b tn cng khi Attacker thc hin ARP Attack. - Nu 1 thit b khng c quyn s dng cng gi frame ti, Switch loi b frame , ghi li log, hoc shutdown cng (loi b tt c cc frame mun vo ra t cng ny ca tt c cc thit b) 2/ Cc bc cu hnh Cu hnh Port Security bao gm nhiu bc. V c bn, bn cn thit lp cho cng mun p Port Security tr thnh Access Port, tc l cng ch c th trao i frame vi cc cng nm cng VLAN vi n. Sau , bn enable cho Port Security v cu hnh thit b c MAC Adrress l g mi c s dng cng . Di y l cc bc thc hin. B0: Nhy vo cng mun p PS B1: cng tr thnh Access Port s dng lnh Code:
    switchport mode access

    B2: enable PS cho n g tip Code:


    switchport port-security

    B3: (khng bt buc) Nu mun ch nh s lng MAC Address ti a c php lin kt vi cng ny th g Code:
    switchport port-security maximum number

    (thay number=s MAC Address, mc nh l 1) B4: (khng bt buc) Bn mun Switch lm g khi cc frame gi ti cng ny c Source MAC Address khng nm trong danh sch cho php: protect, restrict, shutdown? (chn 1 trong 3) Mc nh l shutdown cng Code:
    switchport port-security violation {protect | restrict | shutdown}

    Gii thch: - Protect: Loi b frame (nhng vn cho php cc frame khc i ra cng ny) - Restrict: Loi b frame + hin th syslog trn ca s console + gi thng ip SNMP - Shutdown: Loi b frame + hin th syslog trn ca s console v gi thng ip SNMP + disable cng t chi tt c traffic vo ra Ty chn Shutdown t interface vo trng thi error disabled (err-disabled), lm cho interface ngng hot ng hon ton. khi phc lm vic cho n bn nhy vo cng v dng lnh Code:
    no shutdown

    B5a: Ch nh 1 (hoc nhiu) MAC Addess c php gi frame ti cng ny Code:


    switchport port-security mac-address mac_address

    (thay mac_address = MAC Adrress mong mun). S dng lnh ny nhiu ln ch nh hn 1 MAC Adrress

    B5b: Thay v lm bc B5a bn phi d v thm tng MAC Address bng tay, Switch c th t ng thm cc MAC Address vo danh sch c php lin kt vi cng (Whitelist) thng qua qu trnh Sticky Learning. Code:
    switchport port-security mac-address sticky

    Lnh ny s bo cho Switch bit: Thit b no gi frame n cng ny u tin th hy thm MAC Address ca thit b vo Whitelist Lu : + Nu B3 bn t maximum=n th ch c n thit b gi frame n u tin s nm trong Whitelist. + Sau khi hon tt thit lp Port Security bn chy lnh

    Maximum Mac-address: s lng ti da cho php cc mac-address c cu hnh trn mi port l t 1 - 3072. gi tr mc nh l 1 khi ta g lnh: 'switchport portsecurity'. thay i gi tr max mac-address, dng lnh: 'switchport portsecurity maximum xxx' vi xxx l con s c th. Nh vy vi cu hnh trn mnh khng cn thit phi lnh: 'switchport port-security maximum 1' - Violation mode: khi mt mac-address khng c cu hnh trong port-security v s lng mac-address vt qu s lng ti a mac-address cho php th s vi phm n cu hinh ca port-security, action tip theo i vi port ny ty thuc vo cch bn cu hnh vi 3 vioaltion mode sau: protect, restrict, shutdown. + Protect: Port s drop tt c traffic ca mac-address 'l' khng c cu hnh cho n khi bn remove mac-address ny ra khi port (ngt kt ni ca PC ra khi port). + Restrict: Port s drop tt c traffic ca mac-address 'l' khng c cu hnh cho n khi bn remove mac-address ny ra khi port (ngt kt ni ca PC ra khi port). Nhng khc vi mode 'Protect' 1 ch, mode ny s tng dn gi tr b m dnh cho SecurityViolation ( SecurityViolation counter to increment) v s sinh ra cc cnh bo - SNMP Notification c th c gi n Network Administrator. + Shutdown: mode mc nh khi cu hnh port-security vi lnh 'swithcport portsecurity'. Mode ny s drop tt c cc traffic trn port ch khng ch ca mac 'l' v shutdown port ny ngay lp tc, port khi ny ri vo trng thi 'error disable'. Bn c th a port tr li hot ng bng cch cu hnh 'shudown' sau 'no shutdown' trn port, hay t ng enable bng chui lnh: 'errdisable recovery cause psecure-violation' v'errdisable recovery cause interval 3600'.

    También podría gustarte