(Rapid) Spanning Tree Protocol
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Impact Analysis of System and Network Attacks
View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by DigitalCommons@USU Utah State University DigitalCommons@USU All Graduate Theses and Dissertations Graduate Studies 12-2008 Impact Analysis of System and Network Attacks Anupama Biswas Utah State University Follow this and additional works at: https://digitalcommons.usu.edu/etd Part of the Computer Sciences Commons Recommended Citation Biswas, Anupama, "Impact Analysis of System and Network Attacks" (2008). All Graduate Theses and Dissertations. 199. https://digitalcommons.usu.edu/etd/199 This Thesis is brought to you for free and open access by the Graduate Studies at DigitalCommons@USU. It has been accepted for inclusion in All Graduate Theses and Dissertations by an authorized administrator of DigitalCommons@USU. For more information, please contact [email protected]. i IMPACT ANALYSIS OF SYSTEM AND NETWORK ATTACKS by Anupama Biswas A thesis submitted in partial fulfillment of the requirements for the degree of MASTER OF SCIENCE in Computer Science Approved: _______________________ _______________________ Dr. Robert F. Erbacher Dr. Chad Mano Major Professor Committee Member _______________________ _______________________ Dr. Stephen W. Clyde Dr. Byron R. Burnham Committee Member Dean of Graduate Studies UTAH STATE UNIVERSITY Logan, Utah 2008 ii Copyright © Anupama Biswas 2008 All Rights Reserved iii ABSTRACT Impact Analysis of System and Network Attacks by Anupama Biswas, Master of Science Utah State University, 2008 Major Professor: Dr. Robert F. Erbacher Department: Computer Science Systems and networks have been under attack from the time the Internet first came into existence. There is always some uncertainty associated with the impact of the new attacks. -
Transparent LAN Service Over Cable
Transparent LAN Service over Cable This document describes the Transparent LAN Service (TLS) over Cable feature, which enhances existing Wide Area Network (WAN) support to provide more flexible Managed Access for multiple Internet service provider (ISP) support over a hybrid fiber-coaxial (HFC) cable network. This feature allows service providers to create a Layer 2 tunnel by mapping an upstream service identifier (SID) to an IEEE 802.1Q Virtual Local Area Network (VLAN). Finding Feature Information Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://tools.cisco.com/ITDIT/CFN/. An account on http:// www.cisco.com/ is not required. Contents • Hardware Compatibility Matrix for Cisco cBR Series Routers, page 2 • Prerequisites for Transparent LAN Service over Cable, page 2 • Restrictions for Transparent LAN Service over Cable, page 3 • Information About Transparent LAN Service over Cable, page 3 • How to Configure the Transparent LAN Service over Cable, page 6 • Configuration Examples for Transparent LAN Service over Cable, page 8 • Verifying the Transparent LAN Service over Cable Configuration, page 10 • Additional References, page 11 • Feature Information for Transparent LAN Service over Cable, page 12 Cisco Converged Broadband Routers Software Configuration Guide For DOCSIS 1 Transparent LAN Service over Cable Hardware Compatibility Matrix for Cisco cBR Series Routers Hardware Compatibility Matrix for Cisco cBR Series Routers Note The hardware components introduced in a given Cisco IOS-XE Release are supported in all subsequent releases unless otherwise specified. -
Ieee 802.1 for Homenet
IEEE802.org/1 IEEE 802.1 FOR HOMENET March 14, 2013 IEEE 802.1 for Homenet 2 Authors IEEE 802.1 for Homenet 3 IEEE 802.1 Task Groups • Interworking (IWK, Stephen Haddock) • Internetworking among 802 LANs, MANs and other wide area networks • Time Sensitive Networks (TSN, Michael David Johas Teener) • Formerly called Audio Video Bridging (AVB) Task Group • Time-synchronized low latency streaming services through IEEE 802 networks • Data Center Bridging (DCB, Pat Thaler) • Enhancements to existing 802.1 bridge specifications to satisfy the requirements of protocols and applications in the data center, e.g. • Security (Mick Seaman) • Maintenance (Glenn Parsons) IEEE 802.1 for Homenet 4 Basic Principles • MAC addresses are “identifier” addresses, not “location” addresses • This is a major Layer 2 value, not a defect! • Bridge forwarding is based on • Destination MAC • VLAN ID (VID) • Frame filtering for only forwarding to proper outbound ports(s) • Frame is forwarded to every port (except for reception port) within the frame's VLAN if it is not known where to send it • Filter (unnecessary) ports if it is known where to send the frame (e.g. frame is only forwarded towards the destination) • Quality of Service (QoS) is implemented after the forwarding decision based on • Priority • Drop Eligibility • Time IEEE 802.1 for Homenet 5 Data Plane Today • 802.1Q today is 802.Q-2011 (Revision 2013 is ongoing) • Note that if the year is not given in the name of the standard, then it refers to the latest revision, e.g. today 802.1Q = 802.1Q-2011 and 802.1D -
Understand Vlans, Wired Lans, and Wireless Lans
LESSON 1,2_B 98-366 Networking Fundamentals UnderstandUnderstand VLANs,VLANs, WiredWired LANs,LANs, andand WirelessWireless LANsLANs LESSON 1.2_B 98-366 Networking Fundamentals Lesson Overview In this lesson, you will review: Wired local area networks Wireless local area networks Virtual local area networks (VLANs) LESSON 1.2_B 98-366 Networking Fundamentals Anticipatory Set Explain why wireless networks are so popular, especially in homes Describe the elements that make up a wireless network What is the opposite of a wireless network? LESSON 1.2_B 98-366 Networking Fundamentals LAN A local area network (LAN) is a single broadcast domain. This means the broadcast will be received by every other user on the LAN if a user broadcasts information on his/her LAN. Broadcasts are prevented from leaving a LAN by using a router. Wired LAN An electronic circuit or hardware grouping in which the configuration is determined by the physical interconnection of the components LESSON 1.2_B 98-366 Networking Fundamentals Wireless LAN Communications that take place without the use of interconnecting wires or cables, such as by radio, microwave, or infrared light Wireless networks can be installed: o Peer-to-peer “Ad hoc” mode—wireless devices can communicate with each other o "Infrastructure" mode—allows wireless devices to communicate with a central node that can communicate with wired nodes on that LAN LESSON 1.2_B 98-366 Networking Fundamentals Sample example of a wireless LAN design: LESSON 1.2_B 98-366 Networking Fundamentals Wired LANs: Advantages Most wired LANs are built with inexpensive hardware: 1. Network adapter 2. Ethernet cables 3. -
Network Design Reference for Avaya Virtual Services Platform 4000 Series
Network Design Reference for Avaya Virtual Services Platform 4000 Series Release 4.1 NN46251-200 Issue 05.01 January 2015 © 2015 Avaya Inc. applicable number of licenses and units of capacity for which the license is granted will be one (1), unless a different number of All Rights Reserved. licenses or units of capacity is specified in the documentation or other Notice materials available to You. “Software” means computer programs in object code, provided by Avaya or an Avaya Channel Partner, While reasonable efforts have been made to ensure that the whether as stand-alone products, pre-installed on hardware products, information in this document is complete and accurate at the time of and any upgrades, updates, patches, bug fixes, or modified versions printing, Avaya assumes no liability for any errors. Avaya reserves thereto. “Designated Processor” means a single stand-alone the right to make changes and corrections to the information in this computing device. “Server” means a Designated Processor that document without the obligation to notify any person or organization hosts a software application to be accessed by multiple users. of such changes. “Instance” means a single copy of the Software executing at a Documentation disclaimer particular time: (i) on one physical machine; or (ii) on one deployed software virtual machine (“VM”) or similar deployment. “Documentation” means information published by Avaya in varying mediums which may include product information, operating Licence types instructions and performance specifications that Avaya may generally Designated System(s) License (DS). End User may install and use make available to users of its products and Hosted Services. -
Networking Packet Broadcast Storms
Lesson Learned Networking Packet Broadcast Storms Primary Interest Groups Balancing Authorities (BAs) Generator Operators (GOPs) Reliability Coordinators (RCs) Transmission Operators (TOPs) Transmission Owners (TOs) that own and operate an Energy Management System (EMS) Problem Statement When a second network cable was connected from a voice over internet protocol (VOIP) phone to a network switch lacking proper settings, a packet broadcast storm prevented network communications from functioning, and supervisory control and data acquisition (SCADA) was lost for several hours. Broadcast storm events have also arisen from substation local area network (LAN) issues. Details A conference room was set up for a training class that needed to accommodate multiple PCs. The bridge protocol data unit (BPDU) packet propagation prevention setting was disabled on a port in the conference room in order to place a network switch off of that port. Upon completion of the training, the network switch was removed; however, the BPDU packet propagation setting was inadvertently not restored. As part of a telephone upgrade project, the traditional phone in this conference room was recently replaced by a VOIP phone. Later, an additional network cable was connected to the output port of this VOIP phone into a secondary network jack within the conference room. When the second network cable was connected from a VOIP phone to a network switch lacking proper settings, a switching loop resulted. Spanning tree protocol is normally used to prevent switching loops from propagating broadcast packets continuously until the network capacity is overwhelmed. A broadcast packet storm from the switching loop prevented network communications from functioning and SCADA was lost for several hours. -
Understanding Linux Internetworking
White Paper by David Davis, ActualTech Media Understanding Linux Internetworking In this Paper Introduction Layer 2 vs. Layer 3 Internetworking................ 2 The Internet: the largest internetwork ever created. In fact, the Layer 2 Internetworking on term Internet (with a capital I) is just a shortened version of the Linux Systems ............................................... 3 term internetwork, which means multiple networks connected Bridging ......................................................... 3 together. Most companies create some form of internetwork when they connect their local-area network (LAN) to a wide area Spanning Tree ............................................... 4 network (WAN). For IP packets to be delivered from one Layer 3 Internetworking View on network to another network, IP routing is used — typically in Linux Systems ............................................... 5 conjunction with dynamic routing protocols such as OSPF or BGP. You c an e as i l y use Linux as an internetworking device and Neighbor Table .............................................. 5 connect hosts together on local networks and connect local IP Routing ..................................................... 6 networks together and to the Internet. Virtual LANs (VLANs) ..................................... 7 Here’s what you’ll learn in this paper: Overlay Networks with VXLAN ....................... 9 • The differences between layer 2 and layer 3 internetworking In Summary ................................................. 10 • How to configure IP routing and bridging in Linux Appendix A: The Basics of TCP/IP Addresses ....................................... 11 • How to configure advanced Linux internetworking, such as VLANs, VXLAN, and network packet filtering Appendix B: The OSI Model......................... 12 To create an internetwork, you need to understand layer 2 and layer 3 internetworking, MAC addresses, bridging, routing, ACLs, VLANs, and VXLAN. We’ve got a lot to cover, so let’s get started! Understanding Linux Internetworking 1 Layer 2 vs. -
Web Management Guide
Web Management Guide Digital Data Communications GmbH. http://www.level1.com Web Management Guide GTP-2871 28-Port L3 Lite Managed Gigabit PoE Switch GTP-5271 52-Port L3 Lite Managed Gigabit PoE Switch How to Use This Guide This guide includes detailed information on the switch software, including how to operate and use the management functions of the switch. To deploy this switch effectively and ensure trouble-free operation, you should first read the relevant sections in this guide so that you are familiar with all of its software features. Who Should Read This guide is for network administrators who are responsible for operating and this Guide? maintaining network equipment. The guide assumes a basic working knowledge of LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network Management Protocol (SNMP). How this Guide This guide provides detailed information about the switch’s key features. It also is Organized describes the switch’s web browser interface. For information on the command line interface refer to the CLI Reference Guide. The guide includes these sections: u Section I “Web Configuration” — Includes all management options available through the web browser interface. Related This guide focuses on switch software configuration through the web browser. Documentation For information on how to manage the switch through the command line interface, see the following guide: CLI Reference Guide Note: For a description of how to initialize the switch for management access via the CLI, web interface or SNMP, refer to “Initial Switch Configuration” in the CLI Reference Guide. Conventions The following conventions are used throughout this guide to show information: Note: Emphasizes important information or calls your attention to related features or instructions. -
Refs. 769001, 769002 Art
Refs. 769001, 769002 Art. Nr. WAVEDATAP, WAVEDATAS WaveData AP MyNETWiFi User Guide www.televes.com Table of Contents Important Safety Instructions ..................................................................................... 4 EN Introduction ................................................................................................................. 4 WaveData highlights .............................................................................................. 4 WaveData Package content .................................................................................. 5 Security Considerations ............................................................................................. 5 Operating Considerations .......................................................................................... 5 ENGLISH WaveData Device ........................................................................................................ 5 Port Connections .................................................................................................. 5 Device Buttons ...................................................................................................... 6 Device Leds ........................................................................................................... 6 Installing WaveData ..................................................................................................... 7 Installation example Ref.769001 .......................................................................... 7 Installation -
Sample Architecture for Avaya IP Telephony Solutions with Extreme Networks and Juniper Networks - Issue 1.0
Avaya Solution & Interoperability Test Lab Sample Architecture for Avaya IP Telephony Solutions with Extreme Networks and Juniper Networks - Issue 1.0 Abstract These Application Notes describe the configuration used for interoperability testing conducted between Avaya, Extreme Networks, Juniper Networks and Infoblox. The configuration consists of two locations, Site A and Site B, which were interconnected via serial links over a Wide Area Network (WAN). Testing included aspects of High Availability (HA) architecture, redundant design, Quality of Service (QoS) for voice communications, 802.11x port authentication and firewall Application Layer Gateway (ALG) security. The test cases were designed to confirm basic functionality amongst the vendors in the configuration at Layers 2 through 7. All test cases completed successfully. Information in these Application Notes has been obtained through compliance testing and additional technical discussions. Testing was conducted via the DeveloperConnection Program at the Avaya Solution & Interoperability Test Lab. GAK/SZ; Reviewed: Solution & Interoperability Test Lab Application Notes 1 of 47 SPOC 9/28/2005 ©2005 Avaya Inc. All Rights Reserved. aejarch.doc 1. Introduction The Application Notes provide a sample architecture demonstrating interoperability of products and solutions from Avaya, Extreme Networks, Juniper Networks and Infoblox. Figure 1 depicts the sample configuration. Figure 1: Sample Reference Architecture Configuration GAK/SZ; Reviewed: Solution & Interoperability Test Lab Application Notes 2 of 47 SPOC 9/28/2005 ©2005 Avaya Inc. All Rights Reserved. aejarch.doc An Avaya S8700 IP-Connect based system was used at Site A, depicted in Figure 2. Duplicated IP Server Interface (IPSI) circuit packs were used to provide “High” reliability to the two IPSI- connected G650 Media Gateways. -
Layer 2 Virtual Private Networks CM-SP-L2VPN-I11-130808
Data-Over-Cable Service Interface Specifications Business Services over DOCSIS® Layer 2 Virtual Private Networks CM-SP-L2VPN-I11-130808 ISSUED Notice This DOCSIS specification is the result of a cooperative effort undertaken at the direction of Cable Television Laboratories, Inc. for the benefit of the cable industry and its customers. This document may contain references to other documents not owned or controlled by CableLabs®. Use and understanding of this document may require access to such other documents. Designing, manufacturing, distributing, using, selling, or servicing products, or providing services, based on this document may require intellectual property licenses from third parties for technology referenced in this document. Neither CableLabs nor any member company is responsible to any party for any liability of any nature whatsoever resulting from or arising out of use or reliance upon this document, or any document referenced herein. This document is furnished on an "AS IS" basis and neither CableLabs nor its members provides any representation or warranty, express or implied, regarding the accuracy, completeness, noninfringement, or fitness for a particular purpose of this document, or any document referenced herein. Cable Television Laboratories, Inc., 2006-2013 CM-SP-L2VPN-I11-130808 Data-Over-Cable Service Interface Specifications DISCLAIMER This document is published by Cable Television Laboratories, Inc. ("CableLabs®"). CableLabs reserves the right to revise this document for any reason including, but not limited to, changes in laws, regulations, or standards promulgated by various agencies; technological advances; or changes in equipment design, manufacturing techniques, or operating procedures described, or referred to, herein. CableLabs makes no representation or warranty, express or implied, with respect to the completeness, accuracy, or utility of the document or any information or opinion contained in the report. -
Network Storm Testing
NETWORK STORM TESTING VERIFYING THE ROBUSTNESS OF CONTROL SYSTEM COMMUNICATIONS In this white paper, we discuss a stress situation that can impact communication and redundancy of networked control systems. How can this situation arise, and why should we test for it? Furthermore, we look into what we recommend, how control systems should be tested to avoid that their communication is impacted by network overload. 1/7 INTRODUCTION Let us start with a citation from a senior engineer with A normal Ethernet switch forwards broadcast and the major E&P company of Norway: multicast traffic on all its ports. Other (up- or down- link) switches receiving these broadcast or multicast “Be a demanding customer, prior to FAT, messages, will again forward them to all their ports and apply traffic generator packets on network so on. In an Ethernet network, any looped packet might remain on the network forever. A network storm, i.e. a segments to full bandwidth. Peer to Peer, network stress situation can arise in various ways and multicast and broadcast packets. Graceful can cause a Denial of Service (DoS) in the worst case. reconnect after storm or need for restart?” Probably, the most common reason for a network – Sr. IT Security Engineer, Statoil ASA storm is cabling problems, in particular if a cable loop But what is an unexpected network overload, or net- is present. Other factors contributing to a network work storm situation actually? A network storm can be stress situation are: compared to a room full of people talking loudly and making a conversation between 2 individuals impos- Poor network management and monitoring; sible.