LAYER 3 | Hacking Exposed Cisco Networks: Cisco Security Secrets & Solutions

Assessing handling of IP spoofing

Assessing handling of IP fragmentation and fragment overlapping

Assessing IPID sequences and zombie scan host vulnerability

Assessing handling of oversized and incorrect checksum raw IP packets

Assessing NAT/PAT operations and DMZ implementation

Assessing the response to protocol type scans

Assessing handling IP options and vulnerability to strict and loose source routingbased attacks

Assessing broadcast/directed broadcast traffic filtering/ smurf protection Mapping Layer 3 access lists

Assessing redirection attacks via ICMP types 5, 9, and 10

Assessing ICMP queries ( netmask , time)

Assessing handling oversized and incorrect checksum ICMP packets and ICMP source quench flooding effects

Assessing ICMP filtering settings and capabilities

Performing ICMP-based fuzzy OS fingerprinting

Assessing handling oversized, fragmented , and incorrect checksum IGMP packets

Assessing DOCSIS security compliance of the IGMP implementation

Assessing security and stability of Layer 3 tunneling protocols (IPIP, GRE) implementation. Tunnel sniffing and insertion attacks

Assessing authentication security and route injection/traffic redirection for RIP

Assessing authentication security and route injection/traffic redirection for IGRP and EIGRP

Assessing authentication security and route injection/traffic redirection for OSPF

Assessing authentication security and route injection/traffic redirection for iBGP and eBGP

Assessing routing information leakage/passive ports implementation

Assessing route distribution lists implementation and function

Assessing authentication security and traffic redirection for HSRP and VRRP

Mapping IPSec implementations

Assessing IPSec traffic forwarding

Assessing IPSec concentrator function

Assessing IPSec ciphers and compression support (hardware/software)

Assessing IPSec modes and authenticator types

Assessing security of other Layer 3 security protocols (for example, VTUN)