Friday, November 02, 2007

Book Review: LAN Switch Security

Title: LAN Switch Security: What Hackers Know About Your Switches
Authors: Eric Vyncke and Christopher Paggen
Publisher: Cisco Press

Quote: "Contrary to popular belief, Ethernet switches are not inherently secure. Security vulnerabilities in Ethernet switches are multiple: from the switch implementation, to control plane protocols (Spanning Tree Protocol [STP], Cisco® Discovery Protocol [CDP], and so on) and data plane protocols, such as Address Routing Protocol (ARP) or Dynamic Host Configuration Protocol (DHCP). LAN Switch Security explains all the vulnerabilities in a network infrastructure related to Ethernet switches. Further, this book shows you how to configure a switch to prevent or to mitigate attacks based on those vulnerabilities. This book also includes a section on how to use an Ethernet switch to increase the security of a network and prevent future attacks."

Go into some (or most!) networks today that run Cisco switches, and you will see the majority of the security functions not enabled, or simply unconfigured or misconfigured. When you read this book, I'm sure you'll start to review the security of your switch infrastructure right away, once you discover the insecurities of individual protocols and the freely available tools on the internet that could bring you Network Meltdown!

Now, before I start: for anyone who has read the famous "Hacking Exposed: Cisco Networks" book that came out in 2006, LAN Switch Security: What Hackers Know About Your Switches will pretty much overlap with it.

But if you haven't read the previously mentioned book, then LAN Switch Security is a definite read.

I think the book is well written, and includes many references to "hacking tools" on the web, with explanations of how attacks work and examples of how to mitigate them. For example: VLAN hopping, DHCP weaknesses, ARP spoofing, HSRP, etc.

You'll have great fun testing with tools like the famous "Yersinia". (Yersinia is a network tool designed to take advantage of some weaknesses in different network protocols.)

Though a couple of sections in the book are thin on the ground in terms of configuration examples (for example, the ACL section), I'd still recommend this book as a great read to anyone looking to improve switch security in a Cisco network.


fropert said...

I already own the hacking exposed book!
So I'll not read the LAN Switch Security book in the near future...
See you, Chris

Anonymous said...

Thanks for the info.