Succesfully Pass a Network Audit - Technical Report
3 views 0 purchase
Course
Cyber-Security
Institution
Bolton College
When we talk about a network, basic devices that we have to talk about are routers, switches and firewalls, these three devices are the base of any network. Therefore, an audit to those devices is mandatory to verify correct configurations and precautions in order to avoid cyber-attacks. Successful...
1 Introduction
When we talk about a network, basic devices that we have to talk about are routers, switches and
firewalls, these three devices are the base of any network. Therefore, an audit to those devices is
mandatory to verify correct configurations and precautions in order to avoid cyber-attacks.
Successfully attack or compromise a network is relatively easy to do it, all we need is an attacker
running a Pen testing Operating System like Kali Linux and access to the physical network. This tool
can easy take advantage of a security breach and deploy a Denial of Services or Man-In-The-Middle
attack.
Most of these vulnerabilities con be mitigating with security measures applied in the switches and in
the routers, for that reason, this report is focused basically on the switch and the router.
2 Today’s networks
Today’s networks run protocols that are needed for communication, like ARP, DNS; others that make
things easier for the management, like DHCP, CDP, Telnet; and others that help the network to have
redundancies in case of a failure in a link, like STP and HSRP. All these protocols can be susceptible
to attacks if do not take precautions while using them.
Source: cisco.com
1
, Technical Report
Next, we are going to explain the basic functionality of all these protocols:
DHCP Dynamic host configuration protocol. Assign IPs automatically to new hosts that
want to join to the network.
ARP Address resolution protocol. Map an IP (logical) address with a MAC (physical)
address.
DNS Domain name system. It is a naming system that helps us to resolve hostnames to IP
addresses.
CDP Cisco discovery protocol. Cisco proprietary protocol that shares information of
connected cisco devices.
STP Spanning-tree protocol. Prevents loops from being formed when switches are
interconnected via multiple paths.
HSRP Hot standby router protocol. Cisco proprietary protocol for redundancy in the default
gateway.
With all these basic concepts we can jump to identify the vulnerabilities related to these protocols in
the next stage.
Note: It is assumed that the reader has already knowledge of these protocols, thus, further explanation
is not needed.
3 Vulnerabilities
According to my experience and my research, many networks are susceptible to the following
vulnerabilities.
3.1 Physical access
If someone has physical access to the devices can simply plug a console or network cable to change
the configuration or launch an attack.
Assuming that all devices are in VLAN 1 (same broadcast domain) and a DHCP server is running, an
attacker can basically just plug a UTP cable to a port and get all the information needed via DHCP to
perform scanning and subsequently start an attack.
2
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Erickgoose. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.96. You're not tied to anything after your purchase.