i am sure this will be beneficial to all the people who are planning to appear in CCIE SEC LAB 3.0
FRAGMENT TINY ATTACK/BUFFER OVERFLOW ATTACK: ========================================= resolve with ACL using fragment keyword or use fragment inside or fragment outside in ASA command ! SMURF Attack: =========== Drop and stop ICMP Echo . Also can do CAR FRAGGLE Attack: ============ Drop and stop UDP echo. Also can do CAR RECONNISSANCE/SCAN Attack: ======================== no ip unreachables under router interface or threat-detection in ASA TCP SYNC DoS Attack : ================= static or nat in ASA setting , MPF is also in ASA to fix this up in tcp-map . on router, you can use tcp intercept command. UDP DOS Attack: ============== CBAC or ZBF on router. Threat Detection on ASA. MiTM Attack in BGP: ================ Password in BGP Peers, GTSM setting. Stealthing FIREWALL: ================ Stop firewall from responding to PING or TRACE. Unstealthing FIREWALL: ================== Open firewall to the world as OPEN SESAME GATEWAY ~ :) SinK Holes and Black Holes: ================================== static route command play with BGP Routing IP Spoofing ATTACK: ================ uRPF on router. BOGON Address filtering (RFC 3330, RFC 2827 , RFC 1918 , RFC 1700 etc) uRPF on ASA . DHCP Starvation Attack: ================== DHCP Snooping protection and Binding database. ARP Poisoning Attack: ================= Dynamic ARP Inspection (DAI) IP MAC Spoofing in Switches : ====================== IPSG with IP or IPSG with IP+MAC setting! regards, Kamran.
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
