List of Figures
| | ||
| | ||
| | ||
Chapter 1: Cisco Network Design Models and Security Overview
- Figure 1-1: The flat earth design model
- Figure 1-2: The star design model showing a VPN concentrator
- Figure 1-3: The two- tier design model
- Figure 1-4: The ring design model
- Figure 1-5: The full mesh design model
- Figure 1-6: The partial mesh design model
- Figure 1-7: A DMZ based on a three-legged firewall
- Figure 1-8: An outside DMZ
- Figure 1-9: A dirty DMZ
- Figure 1-10: A two-firewall DMZ
Chapter 2: Cisco Network Security Elements
- Figure 2-1: Typical AAA network security configuration
- Figure 2-2: Cisco hierarchical design network security model
Chapter 3: Real-World Cisco Security Issues
- Figure 3-1: Bugtraq Cisco vulnerabilities count
Chapter 4: Profiling and Enumerating Cisco Networks
- Figure 4-1: Online Cisco BGP Toolkit from http://www.NetConfigs.com
- Figure 4-2: Online Cisco BGP Config Tool from http://www.NetConfigs.com
- Figure 4-3: Routing Registry Consistency Check for the country of Latvia
- Figure 4-4: RIPE RIS Looking Glass web interface
- Figure 4-5: Worldwide reverse traceroute and looking glass servers on the CAIDA web site
- Figure 4-6: Reverse Traceroute/Looking Glass Search menu
- Figure 4-7: RIPE whois advanced search
- Figure 4-8: RADB advanced whois query
- Figure 4-9: NetConfigs whois search
- Figure 4-10: FixedOrbit search tools
- Figure 4-11: RIPE RIS AS search
- Figure 4-12: RIPE RIS ASInuse search
- Figure 4-13: RIPE RIS BGP Routing Hot Spot Utility by AS
- Figure 4-14: A NetGeo AS lookup
- Figure 4-15: RADB maintainer query
- Figure 4-16: RADB Web Update
- Figure 4-17: BGPlay in action
- Figure 4-18: The wonders of Hermes
- Figure 4-19: Querying RIP with ASS
- Figure 4-20: IGRP routing domain number bruteforcing
Chapter 5: Enumerating and Fingerprinting Cisco Devices
- Figure 5-1: A CDP frame caught by Ethereal
Chapter 6: Getting In from the OutsideDead Easy
- Figure 6-1: Xhydra at work
- Figure 6-2: Hydra support in Nessus
- Figure 6-3: Unsecure remote password cracker
- Figure 6-4: Cisco MIB subtree
- Figure 6-5: Foundstone SNScan
- Figure 6-6: SolarWinds IP Network Browser
- Figure 6-7: SolarWinds Router Security Check
- Figure 6-8: SolarWinds SNMP bruteforce
- Figure 6-9: SNMP walking with NetScanTools Pro
- Figure 6-10: Getif MIB browser
- Figure 6-11: Mbrowse
- Figure 6-12: iReasoning MIB Browser in action
- Figure 6-13: DwMibBrowser, looking at a Cisco 2600 router
- Figure 6-14: SolarWinds Cisco Tools
- Figure 6-15: SNMPc server running
- Figure 6-16: Scotty/Tkined and its Cisco-specific features
Chapter 7: Hacking Cisco DevicesThe Intermediate Path
- Figure 7-1: Snmpwalking with SilverCreek
- Figure 7-2: SNMP vulnerability test using SilverCreek
- Figure 7-3: SilverCreek console
- Figure 7-4: SilverCreek agent compliance testing
- Figure 7-5: Main SimpleTester interface
- Figure 7-6: Cisco MIBsalways needed
- Figure 7-7: Snmpwalk after the test parameters are set
- Figure 7-8: SimpleSleuthLite vulnerability assessment
- Figure 7-9: A trap sent by PROTOS is captured.
- Figure 7-10: Cisco web-based management configuration
- Figure 7-11: This Cisco device is vulnerable to arbitrary administrative access vulnerability.
- Figure 7-12: SPIKE Proxy interface
Chapter 8: Cisco IOS ExploitationThe Proper Way
- Figure 8-1: Local memory region
- Figure 8-2: Memory block linking
- Figure 8-3: Free memory block
- Figure 8-4: Process memory block
- Figure 8-5: The REDZONE overwriting
- Figure 8-6: A fake memory block used to trick Check Heaps
- Figure 8-7: Memory block freeing
Chapter 9: Cracking Secret Keys, Social Engineering, and Malicious Physical Access
- Figure 9-1: Instant password decryption with Cain & Abel
- Figure 9-2: Cain & Abel PIX-Hash bruteforcing attack screen
Chapter 10: Exploiting and Preserving Access
- Figure 10-1: Viewing and downloading captured traffic from a PIX firewall
- Figure 10-2: IOS image file header
- Figure 10-3: Bird's-eye view of ELF file patching
- Figure 10-4: Magic value in the IOS header
- Figure 10-5: A structure of the self-extractable IOS image file
Chapter 12: Spanning Tree, VLANs, EAP-LEAP, and CDP
- Figure 12-1: A typical situation in which STP must be used
- Figure 12-2: A multihomed attack
- Figure 12-3: The Yersinia ncurses GUI
- Figure 12-4: STP attacks in Yersinia
- Figure 12-5: Network split DoS via STP collision
- Figure 12-6: 802.1q-tagged Ethernet frame
- Figure 12-7: Cisco ISL encapsulated Ethernet frame
- Figure 12-8: Double-tag VLAN hopping attack
- Figure 12-9: Making use of a PVLAN hopping attack
- Figure 12-10: Dynamic VLAN assignment
Chapter 13: HSRP, GRE, Firewalls, and VPN Penetration
- Figure 13-1: An overview of the GRE attack
- Figure 13-2: An overview of the active and passive FTP connection exchange
Chapter 14: Routing Protocols Exploitation
- Figure 14-1: Sniffing RIPv2 with Cain
- Figure 14-2: Sending RIPv2 MD5 hash for cracking
- Figure 14-3: RIPv2 MD5 hash bruteforcing
- Figure 14-4: OSPF routing domain joining handshake
- Figure 14-5: Sending OSPF MD5 hash for cracking
- Figure 14-6: OSPF Md5 hash bruteforcing
| | ||
| | ||
| | ||
Hacking Exposed Cisco Networks: Cisco Security Secrets & Solutions
ISBN: 0072259175
EAN: 2147483647
EAN: 2147483647
Year: 2005
Pages: 117
Pages: 117