Note
Refer to the following site security and incident response-related RFCs:
RFC 2196, "Site Security Handbook" (replaces RFC 1244)
RFC 2350, "Expectations for Computer Security Incident Response" (BCP 21)
RFC 2504, "Users Security Handbook"
RFC 2828, "Internet Security Glossary"
RFC 3013, "Recommended Internet Service Provider Security Services and Procedures" (BCP 46)
Summary
Networks today are vulnerable because security technologies are implemented as an afterthought rather than
during the planning and design phase of building the network. This has led to many insecure network designs
and solutions.
This chapter identified some of the most common attack vectors, such as IP spoofing, SYN flooding, MAC
flooding, DoS, and ARP spoofing, and how an intruder can exploit them to their advantage. It also discussed several
mitigation techniques, such as packet classification and marking techniques, Traffic Policing, TCP Intercept, NBAR, ARP and
DHCP spoofing mitigation, Spanning Tree Protocol features, and several other Layer 2 and Layer 3 features.
The chapter concluded with a discussion of how to respond to a security incident using a set of methodical
steps to ensure readiness for any security event.