Reading Room

Network Devices

Featuring 31 Papers as of May 16, 2012

• • Overview
  • Download
  Shedding Light on Security Incidents Using Network Flows Kevin Gennuso - May 16, 2012

  Incident handlers, and information security teams in general, face significant challenges when dealing with incidents in modern networks.

• • Overview
  • Download
  The Afterglow effect and Peer 2 Peer networks Jerome Radcliffe, - August 25, 2010

  Overall there is room to grow in the area of P2P connection research. This limited study only looked at a small area of P2P interactions. There are an ever‐ growing number of BitTorrent clients and all of them handle the protocol differently. These differences could greatly impact every area of P2P communications, all of which are areas that could be grounds for research. Further research of how P2P clients interact could provide additional ways to increase efficiency and provide enhanced security.

• • Overview
  • Download
  An Open Source Layer 2 Switch Jim Wilson - May 4, 2010

  Small networks tend to grow and often times the growth is unplanned. The result is a network of daisy-chained switches, not the most reliable solution for a multi switch environment. What is needed is a solution which integrates all switches into a single collision domain or IP space. Most administrators would look at a Cisco solution at this point, but maybe we can use a Linux box instead. The Linux bridging software allows us to create a single LAN segment and combined with other Open Source software provide management and monitoring capabilities.

• • Overview
  • Download
  Hey Dude! I Can Do a Great Humphrey Bogart! Lee Peterson - November 11, 2009

  This paper will present a fictitious router impersonation scenario wherein a router is duped into believing an imposter is a router that is already known and trusted. As a result, his routing tables are overwritten and traffic gets re-routed.

• • Overview
  • Download
  Are Network Designs Ready for a Pandemic? Alan R. Mercer - April 27, 2009

  This paper will investigate the network planning and design considerations that would be affected by the operational impacts of an avian flu pandemic upon a typical organization

• • Overview
  • Download
  Auditing and Securing Multifunction Devices Charles Scott - October 15, 2007

  It used to be that a printer was connected directly to a computer via a serial or parallel interface, while fax machines and copiers did not connect to a computer at all. You knew where these devices were in your buildings and securing their physical output was your primary concern. In today's all-in-one world, you can now obtain single devices that are not only printers, but also copiers, scanners, and fax machines. These networked multifunction devices (MFDs) are increasingly common in enterprise environments and are manufactured by vendors such as Canon, HP, Kyocera, Xerox, and many others.

• • Overview
  • Download
  Packet Sniffing In a Switched Environment Tom King - January 18, 2007

  This paper focuses on the threat of packet sniffing in a switched environment, briefly explores the effect in a non-switched environment, and covers ways to mitigate the threat of network sniffing in both non-switched and switched environments.

• • Overview
  • Download
  A Survey of Wireless Mesh Networking Security Technology and Threats Anthony Gerkis - October 18, 2006

  This paper will summarize the technologies and challenges related to wireless mesh networks.

• • Overview
  • Download
  Wired 802.1x Security Mohammed Younus - July 27, 2006

  This paper defines the fundamentals of 802.1x authentication, explains how the authentication process works in 802.1x, and provides the detailed steps to implement 802.1x in a switched LAN environment using Cisco's Implementation of 802.1x.

• • Overview
  • Download
  GIAC Certified Firewall Analyst (GCFW) Matthew Sullivan - May 17, 2005

  In this paper, I will be introducing the technology of Private VLANs (PVLANs) and VLAN ACLs (VACLs) and discussing how they can add security to the defense in depth model.

• • Overview
  • Download
  Security improvement of a wide and heterogeneous set of network devices: a global approach Jean-Marc Millet - February 19, 2005

  This case study describes the most interesting steps of a project to improve the security of a wide set (about one thousand) of network devices (switches, routers, firewalls) originated from many manufacturers. It is intended to describe a global approach which could be reused to tackle such situations.

• • Overview
  • Download
  Egress Filtering For a Better Internet Jason Pierce - January 22, 2005

  During recent years, there has emerged a necessity for all internet users to try to stop inbound threats. Since most internet security is done from a defensive point of view, the questions is left, "Can proactive internet security provide viable solutions to some of the most serious problems facing the internet today?

• • Overview
  • Download
  Security and Vulnerability Analysis of an Ethernet-based attack on Cisco IOS Robert Foxworth - June 9, 2004

  We note the recent attack on Cisco routers, publicized in July 2003, and analyze this work and expand upon it. This exploit used crafted packets to overflow the input buffer on Cisco devices and caused a Denial of Service, making the device unavailable for legitimate users, leading to loss of network connectivity.

• • Overview
  • Download
  Securing SNMP: A Look at Net-SNMP (SNMPv3) Michael Stump - October 31, 2003

  This paper addresses the many improvements, enhancements, and additions that comprise net-snmp, as well as the benefits of using SNMP to monitor network devices and computers.

• • Overview
  • Download
  Implementing a Secure Internal Network Ken Creekmore - October 31, 2003

  This paper presents how-to options and suggestions for designing and securing an internal network. Scenarios are provided concerning designs that may currently be in place and discussions and analysis on the risks involved and the vulnerabilities presented are included.

• • Overview
  • Download
  Virtual LAN Security: weaknesses and countermeasures Steve Rouiller - October 31, 2003

  In this paper we have presented some attacks on VLAN and how to avoid these attacks.

• • Overview
  • Download
  Securing out-of-band device management Marc Kolaks - October 31, 2003

  This paper will outline vulnerabilities of out-of-band managed systems and devices, provide worksheets for helping to ensure security and give examples of possible architectures for secure remote access.

• • Overview
  • Download
  A Security Assessment of the Ricoh Afcio 450E Multifunction Device David Garrard - October 31, 2003

  This paper provides a Security Assessment of the Ricoh Afcio 450E multifunction device.

• • Overview
  • Download
  Nortel Instant Internet 100-S VPN Configuration Lloyd Ardoin - October 31, 2003

  This paper will discuss the configuration and use of the Nortel Instant Internet 100-S as a VPN client in one organization's network environment.

• • Overview
  • Download
  Easy Steps to Cisco Extended Access List Nancy Navato - October 31, 2003

  The purpose of this document is to explain in simple words how you can easily create an Extended Access List and apply it to your Cisco Router interface.

• • Overview
  • Download
  Disabling Unneeded Features and Services on Cisco Internet Gateway Routers Toon Mordijck - October 31, 2003

  The focus of this document is on closing down services and features as part of the hardening of the router.

• • Overview
  • Download
  Securing IP Routing and Remote Access on Cisco Routers Mohammed Hatta - October 31, 2003

  This paper examines the ways to secure a Cisco router as the first step of defending your network.

• • Overview
  • Download
  Securing the Cisco Local Director Scott Ambrose - October 31, 2003

  This paper documents specific implementation steps required to secure a well-known, widely implemented network appliance load balancer: The Cisco LocalDirector.

• • Overview
  • Download
  Router Audit Tool: Securing Cisco Routers Made Easy! Brian Stewart - October 31, 2003

  This document will discuss the need for a tool such as the CIS Router Audit Tool and it's function in confirming that routers are securely configured in a large network environment.

• • Overview
  • Download
  Securing Your Network With An Internet Access Router (or Getting Your Money's Worth From Your Cisco Gear) Mark Degner - October 31, 2003

  In this document, we will cover the configurations that should be applied to nearly any Cisco router, and routers deployed for Internet access in particular

• • Overview
  • Download
  Securing The Network With Cisco Router Bang Tan - October 31, 2003

  This paper discusses the steps of and security features available on a Cisco router for enhancing the security of a network. Topics covered include: the securing of routing updates through neighbor router authentication and route filtering, using IPSec to secure remote administration of Cisco routers; an overview of reflexive access list and content-based application control; combating code red with network-based application recognition; and, performing integrity checking on routers.

• • Overview
  • Download
  HOW-TO Securely Use SNMP on a BGP/MPLS VPN Network Guillaume Tamboise - October 31, 2003

  This papers discusses how SNMP can be successful in network management.

• • Overview
  • Download
  IPv4 Multicast Security: A Network Perspective Tom Bachert - October 31, 2003

  This paper examines the security implications of multicast communications as they relate to network management.

• • Overview
  • Download
  Implementing Secure Access to Cisco Devices using TACACS+ and SSH Paul Asadoorian - May 20, 2003

  The goal of this paper is to provide an easy guide for network administrators to implement secure remote access for all Cisco networking equipment.

• • Overview
  • Download
  How to Install IC Radius and Extend via Custom Perl Script Michael Meacle - March 15, 2002

  In this HOW TO I will investigate how for a typical company you can install and extend a freely available radius server. In addition, detailed steps also show how the extended radius server can be configured to authenticate a selection of different network elements.

• • Overview
  • Download
  Understanding and Implementing TACACS+ Randy Feliz - October 14, 2001

  This paper will focus on understanding and implementing TACACS+

Masters This paper was created by a SANS Technology Institute student as part of their Master's curriculum.