Engineers’ Handbook of Routing, Switching, and Security with …978-1-4842-0859-5/1.pdf ·...

Cisco NetworksEngineers’ Handbook of Routing, Switching, and Security with IOS,

NX-OS, and ASA

Chris Carthern

William Wilson

Richard Bedwell

Noel Rivera

Cisco Networks: Engineers’ Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA

Copyright © 2015 by Chris Carthern, William Wilson, Richard Bedwell, and Noel Rivera

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher’s location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law.

ISBN-13 (pbk): 978-1-4842-0860-1

ISBN-13 (electronic): 978-1-4842-0859-5

Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.

While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.

Managing Director: Welmoed SpahrAcquisitions Editor: Robert HutchinsonDevelopmental Editor: Douglas PundickTechnical Reviewer: Evan KwisnekEditorial Board: Steve Anglin, Pramilla Balan, Louise Corrigan, James DeWolf, Jonathan Gennick,

Robert Hutchinson, Celestin Suresh John, Michelle Lowman, James Markham, Susan McDermott, Matthew Moodie, Jeffrey Pepper, Douglas Pundick, Ben Renow-Clarke, Gwenan Spearing

Coordinating Editor: Rita FernandoCopy Editor: Kim Burton-WeismanCompositor: SPi GlobalIndexer: SPi Global

Distributed to the book trade worldwide by Springer Science+Business Media New York, 233 Spring Street, 6th Floor, New York, NY 10013. Phone 1-800-SPRINGER, fax (201) 348-4505, e-mail [email protected], or visit www.springer.com. Apress Media, LLC is a California LLC and the sole member (owner) is Springer Science + Business Media Finance Inc (SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation.

For information on translations, please e-mail [email protected], or visit www.apress.com.

Apress and friends of ED books may be purchased in bulk for academic, corporate, or promotional use. eBook versions and licenses are also available for most titles. For more information, reference our Special Bulk Sales–eBook Licensing web page at www.apress.com/bulk-sales.

Any source code or other supplementary materials referenced by the author in this text is available to readers at www.apress.com. For detailed information about how to locate your book’s source code, go to www.apress.com/source-code/.

mailto:[email protected]

www.springer.com

mailto:[email protected]

www.apress.com

www.apress.com/bulk-sales

www.apress.com

www.apress.com/source-code/

Dedicated to my parents, wife, and sister with love.

—Chris Carthern

v

Contents at a Glance

About the Authors ��xxv

About the Technical Reviewer ��xxvii

Acknowledgments ��xxix

Introduction ��xxxi

■Chapter 1: Introduction to Practical Networking�� 1

■Chapter 2: The Physical Medium �� 23

■Chapter 3: Data Link Layer �� 35

■Chapter 4: The Network Layer with IP �� 49

■Chapter 5: Intermediate LAN Switching �� 69

■Chapter 6: Routing �� 93

■Chapter 7: VLANs, Trunking, VTP, and MSTP �� 149

■Chapter 8: Basic Switch and Router Troubleshooting �� 187

■ Chapter 9: Network Address Translation and Dynamic Host Configuration Protocol �� 255

■Chapter 10: Management Plane �� 273

■Chapter 11: Data Plane �� 297

■Chapter 12: Control Plane �� 319

■Chapter 13: Introduction to Availability �� 383

■Chapter 14: Advanced Switching �� 407

■Chapter 15: Advanced Routing �� 425

vi

■ Contents at a GlanCe

■Chapter 16: Advanced Security �� 481

■Chapter 17: Advanced Troubleshooting �� 555

■Chapter 18: Effective Network Management �� 623

■Chapter 19: Data Center and NX-OS �� 649

■Chapter 20: Wireless LAN (WLAN) �� 689

■Chapter 21: ASA and IDS �� 715

■Chapter 22: Introduction to Network Penetration Testing �� 759

■Chapter 23: Multiprotocol Label Switching �� 773

Index �� 825

vii

Contents

About the Authors ��xxv

About the Technical Reviewer ��xxvii

Acknowledgments ��xxix

Introduction ��xxxi

■Chapter 1: Introduction to Practical Networking�� 1

Tools of the Trade �� 1

Open Systems Interconnection (OSI) Model �� 2

Physical Layer �� 5

Data Link Layer �� 6

Network Layer �� 7

Transport Layer �� 7

Connection-Oriented �� 8

Session Layer �� 8

Presentation Layer �� 9

Application Layer �� 9The OSI Model: Bringing It All Together�� 9

TCP/IP Protocol �� 11TCP/IP Application Layer �� 12

TCP/IP Transport Layer �� 12

TCP/IP Internet Layer �� 13

TCP/IP Network Interface Layer �� 14

Reliability �� 15

Three-Way Handshake and Connection Termination �� 16

User Datagram Protocol�� 17

viii

■ Contents

Port Numbers �� 18

Types of Networks �� 19

Personal Area Network �� 19

Local Area Network �� 19

Campus Area Network �� 19

Metropolitan Area Network �� 19

Wide Area Network �� 20

Wireless Wide Area Network �� 20

Virtual Private Network �� 20

Hierarchical Internetwork Model �� 21

Summary �� 22

■Chapter 2: The Physical Medium �� 23

The Physical Medium �� 23

Standards �� 24

Cables�� 25

Twisted Pair Cable �� 25

Coaxial Cable �� 27

Fiber Optical Cabling �� 28

Fiber Optic Transmission Rates �� 28

Wireless Communication �� 29

The Ethernet �� 29

Duplex �� 30

Time-Division Duplexing �� 31

Frequency-Division Duplexing �� 31

Autonegotiation �� 31

Unidirectional Link Detection �� 32

Common Issues �� 33

Duplex Mismatch �� 33

Bad Connector Terminations �� 33

Summary �� 33

ix

■ Contents

■Chapter 3: Data Link Layer �� 35

Protocols �� 35

The Address Resolution Protocol (ARP) �� 35

The Reverse Address Resolution Protocol (RARP) �� 38

Link Layer Functions �� 38

Framing �� 38

Addressing �� 38

Synchronizing �� 39

Flow Control�� 39

Link Layer Discovery Protocol (LLDP) �� 40

Class of Endpoints �� 40

LLDP Benefits �� 41

Cisco Discovery Protocol (CDP) �� 44

Summary �� 48

■Chapter 4: The Network Layer with IP �� 49

IP Addressing (Public vs� Private) �� 50

Public �� 50

Private �� 50

IPv4 �� 50

Class A �� 51

Class B �� 51

Class C �� 51

IPv4 Packet Header�� 52

IPv6 �� 53

IPv6 Packet Header�� 54

Classless Inter-Domain Routing �� 55

Subnetting �� 55

Subnet Mask �� 56

Variable Length Subnet Masking �� 59

Classful Subnetting�� 61

x

■ Contents

Subnetting Exercises �� 62

Subnetting Exercise Answers �� 65

Exercise 1 Answers �� 65




Summary �� 68

■Chapter 5: Intermediate LAN Switching �� 69

Configuration Help �� 72

Displaying the Running Configuration �� 73

Configuring the Router �� 74

Switching �� 76

EtherChannel �� 76

Spanning Tree Protocol �� 81

Why Do You Need STP?�� 81

How STP Works �� 81

Bridge Protocol Data Units �� 81

Rapid Spanning Tree Protocol �� 82

Exercises �� 86

Exercise Answers �� 87

Exercise 1 �� 87



Summary �� 91

■Chapter 6: Routing �� 93

Static Routing �� 93

The Process of Routing �� 94

Default Routing �� 98

Testing Connectivity�� 98

xi

■ Contents

Dynamic Routing Protocols �� 100

Distance-Vector Routing Protocol �� 100

Link-State Routing Protocol �� 101

Hybrid Routing Protocol �� 102

RIP �� 102

Configuration �� 103

Authentication �� 104

EIGRP �� 108

OSPF �� 114

Configuring OSPF �� 117

Router ID �� 123

BGP �� 123

BGP Configuration �� 124

Administrative Distance �� 129

RIP �� 129

EIGRP �� 130

OSPF �� 130

BGP �� 131

Exercises �� 131







Summary �� 147

xii

■ Contents

■Chapter 7: VLANs, Trunking, VTP, and MSTP �� 149

Virtual Logical Network (VLAN)�� 149

VLAN Configuration �� 150

Trunking �� 155

Trunk Configuration �� 157

Routing Between VLANs �� 159

Routing VLANs Configurations �� 160

VLAN Trunking Protocol �� 162

VTP Modes �� 162

Multiple Spanning Tree Protocol �� 165

MSTP Configuration �� 167






Summary �� 185

■Chapter 8: Basic Switch and Router Troubleshooting �� 187

Troubleshooting 101 �� 187

Documenting Your Network �� 187

First Things First: Identify the Problem �� 188

Top-Down Approach �� 189

Bottom-Up Approach �� 190

Physical Medium and Ethernet �� 191

VLANs and Trunks �� 194

EtherChannel �� 198

VTP �� 200

Spanning Tree �� 202

xiii

■ Contents

Routing �� 205

Static Routing �� 205

Dynamic Routing �� 208

RIP �� 208

EIGRP �� 212

OSPF �� 219

BGP �� 227










Summary �� 254

■ Chapter 9: Network Address Translation and Dynamic Host Configuration Protocol �� 255

NAT �� 255

Static Nat �� 256

Dynamic NAT �� 257

Port Address Translation (PAT) �� 258

DHCP �� 261

DHCP Process �� 261

Setting up a Router As a DHCP Client �� 262

Setting up a Router to Send a Request to a DHCP Server �� 262

Setting up a Router As a DHCP Server �� 263


xiv

■ Contents






Summary �� 272

■Chapter 10: Management Plane �� 273

The Management Plane Defined �� 273

Authentication and Authorization Basics �� 274User Accounts �� 276

Password Recovery �� 277

Banners �� 279

Management Sessions �� 280Telnet �� 280

SSH �� 281

Console and Auxiliary Lines �� 282

Disabling Services �� 283Disabled Services �� 283

Disabled Services on Interfaces �� 284

Authentication, Authorization, and Accounting (AAA) �� 284RADIUS �� 285

TACACS+�� 287

Monitoring/Logging �� 288Simple Network Management Protocol �� 288

syslog �� 291


Exercise Answers �� 295Exercise 1 �� 295



Summary �� 296

xv

■ Contents

■Chapter 11: Data Plane �� 297

Traffic Protocols �� 297

Filters and Introduction to Data Plane Security �� 299

State Machines �� 302

Stateful Protocols �� 306

Stateless Protocols �� 310

NetFlow and sFlow �� 311


Summary �� 317

■Chapter 12: Control Plane �� 319

Layer 2 �� 319

Routing Protocols �� 322

Interior Gateway Protocols �� 323

Exterior Gateway Protocols�� 340

Protocol Independent Multicasting �� 347

Domain Name System �� 351

Network Time Protocol �� 354


Preliminary Work �� 358

OSPF �� 360

BGP �� 361

NTP �� 361

EIGRP Named Mode with Authentication �� 362

Multicast �� 362


Preliminary Configuration �� 362

OSPF �� 366

BGP �� 369

xvi

■ Contents

NTP �� 375

EIGRP Name Mode with Authentication �� 377

Multicast �� 378

Summary �� 381

■Chapter 13: Introduction to Availability �� 383

High Availability �� 383

First Hop Redundancy Protocol (FHRP) �� 384

HSRP �� 384

VRRP �� 388

GLBP �� 390

Multilinks �� 394

Availability Exercises �� 396






Summary �� 406

■Chapter 14: Advanced Switching �� 407

Port Security �� 407

DHCP Snooping �� 409

HSRP �� 409

VRRP �� 411

Server Load Balancing (SLB) �� 414

TFTP �� 415

IOS Switch Upgrade �� 416

Password Recovery �� 416

Virtual Switching Systems (VSS) �� 418

xvii

■ Contents

Advanced Switching Exercises�� 421

Advanced Switching Exercise Answers �� 422



Summary �� 423

■Chapter 15: Advanced Routing �� 425

Policy-Based Routing Using Route Maps �� 425

Redistribution �� 428

RIP Redistribution Overview �� 429

EIGRP Redistribution Overview �� 429

OSPF Redistribution Overview �� 431

BGP Redistribution Overview �� 432

Avoiding Loops and Suboptimal Routing �� 433

EIGRP �� 434

Unicast �� 435

Summarization �� 435

Load Balancing �� 436

EIGRP Stub �� 436

Traffic Engineering with EIGRP �� 436


Multiarea and Advanced OSPF �� 438

Summarization �� 440

OSPF Stub �� 440

Cost Manipulation �� 441

OSPF Virtual Link �� 441


BGP �� 443

Address Families �� 443

Peer Groups and Templates �� 444

Dynamic Neighbors �� 446

xviii

■ Contents

Next Hop Issues with iBGP �� 448

Anycast �� 448

Traffic Engineering with BGP �� 449

IPv6 Routing �� 451

EIGRPv6 �� 453

OSPFv3 �� 456

GRE Tunnels �� 458

BGP Issues �� 460

IPSec �� 461

IOU8 Configuration �� 463

IOU9 Configuration �� 465

Advanced Routing Exercises �� 466

Exercise 1: EIGRP and OSFP Redistribution �� 466

Exercise 2: GRE and IPSEC �� 467

Exercise 3: BGP �� 467

Exercise 4: IPv6 OSPF and EIGRP Redistribution �� 468






Summary �� 479

■Chapter 16: Advanced Security �� 481

Owning Your Spanning Tree �� 482

Securing Your Trunks and Ports �� 499

802�1x (dot1x) �� 506

Examples Using OpenSSL to Generate Signed Certificates �� 520

CDP and LLDP �� 523

ARP the Way to IP �� 530

xix

■ Contents

Private VLANs �� 536

Use Case �� 536

Promiscuous vs� Community vs� Isolated �� 537


Using Extended ACLs, PACL, and VACL �� 539

VACL�� 540

PACL �� 541

AAA �� 542

Use Case �� 542

Console �� 542

AUX Port �� 542

VTY Ports �� 543

Local Authentication and Authorization �� 543

Remote AAA (TACACS, RADIUS)�� 543


Advanced Security Exercises �� 550

Exercise 1: Extended ACL Exercises �� 550

Exercise 2: AAA Exercises �� 550




Summary �� 553

■Chapter 17: Advanced Troubleshooting �� 555

Access Control List �� 555

VACL �� 558

PACL �� 559

Network Address Translation �� 559

Static NAT �� 560

Dynamic NAT �� 565

Overload �� 569

xx

■ Contents

HSRP, VRRP, and GLBP �� 571

HSRP �� 572

VRRP �� 573

EIGRP �� 576

OSPF �� 580

BGP �� 583

Neighbor Relationships�� 583

Missing Prefixes �� 585

Route Redistribution �� 590

EIGRP �� 590

OSPF �� 593

GRE Tunnels �� 596

Recursive Routing�� 599

IPSec �� 599

IPv6 �� 602

Advanced Troubleshooting Exercises �� 611




Summary �� 621

■Chapter 18: Effective Network Management �� 623

Logs �� 623

Simple Network Management Protocol �� 625

Service Level Agreements and Embedded Event Manager �� 631

sFlow and Netflow Tools �� 634

Intrusion Detection and Prevention Systems �� 638

Management and Design of Management Data �� 640

xxi

■ Contents


syslog �� 644

SNMP �� 644

Service Policy �� 645


Initial Configuration �� 645

syslog �� 646

SNMP �� 647

Service Policy �� 647

Summary �� 648

■Chapter 19: Data Center and NX-OS �� 649

NX-OS �� 649

SSH and Telnet �� 651

User Accounts �� 652

VLAN �� 653

Configuring a Non-Routed VLAN �� 653

Configuring a VLAN As a Routed Switched Virtual Interface (SVI)�� 653

VLAN Trunking Protocol �� 654

EIGRP �� 655

OSPF �� 659

BGP �� 663

Port Channels �� 665

Port Profiles �� 671

FEX �� 671

First Hop Redundancy Protocols �� 672

HSRP �� 672

VRRP �� 674

GLBP �� 675

xxii

■ Contents

Network Virtualization �� 679

Virtual Device Context (VDC) �� 679

Virtual Port Channel (vPC) �� 680

Virtual Routing and Forwarding (VRF) Lite �� 681

NX-OS Exercise �� 685

Exercise Answer �� 686

Summary �� 688

■Chapter 20: Wireless LAN (WLAN) �� 689

Wireless LANs (WLANs) �� 689

Wireless Standards �� 689

Wireless Components �� 690

Wireless Access Points �� 690

Wireless Controllers/Switches �� 690

Wireless Bridges �� 691

Wireless Repeaters �� 691

Wireless Antennas �� 691

Installing a WLAN �� 692Wireless Site Survey �� 692

Range, Signal Strength, and Performance �� 693

Access Point Installation�� 693

Access Point Configuration �� 694

WLAN Controller Installation �� 701

WLAN Controller Configuration �� 702

Security �� 707Encryption and Authentication �� 707

Threats and Vulnerabilities �� 712

Wireless Exercise �� 713


Summary �� 714

xxiii

■ Contents

■Chapter 21: ASA and IDS �� 715

Testing Policies in Safe Environment �� 715

Initial Setup �� 716

Baseline the Network �� 725

Access Rules �� 731

Open Services �� 733

Anti-Spoofing �� 735

Fragmentation �� 737

Designing Service Policies �� 738Passwords �� 739

■Chapter 22: Introduction to Network Penetration Testing �� 759

Overview �� 759

Reconnaissance and Scanning �� 760Vulnerability Assessment �� 763

Exploitation �� 767

Summary �� 772

■Chapter 23: Multiprotocol Label Switching �� 773

Multiprotocol Label Switching Basics �� 773

Label Protocols �� 780

LDP Security and Best Practices �� 782

LDP Verification �� 786

MPLS VPN �� 788

Site-to-Site VPN �� 790

Shared Extranet �� 800

Leaking Prefixes �� 803

xxiv

■ Contents

IPv6 over MPLS �� 806


MPLS Backbone �� 810


Leak to Customer B �� 811

Tunneling IPv6 �� 812


MPLS Backbone �� 813


Leak to Customer B �� 818

Tunneling IPv6 �� 821

Summary �� 823

Index �� 825

xxv

About the Authors

Chris Carthern (CCNP, CISSP) is a senior network engineer for the US Department of Defense. He is responsible for analyzing, designing, installing, configuring, maintaining, and repairing Cisco network infrastructure and application components, and for training and mentoring junior network engineers and preparing them for Cisco and CISSP certification exams. Carthern took his BS (honors) in computer science from Morehouse College and his MS in system engineering from the University of Maryland, Baltimore County (UMBC). He holds the following certifications: Cisco Certified Network Professional (CCNP), Certified Information Systems Security Professional (CISSP), CompTIA Security+, Brocade Certified Network Professional (BNCP), and ITIL v3.

William Wilson is a senior network engineer with 20 years of information technology experience. He is responsible for design, implementation, and maintenance of campus, WAN, and data center networks. William completed his undergraduate degree in Mathematics at University of Colorado, and obtained his MS and doctoral degrees in computer science from Colorado Technical University. He holds the following certifications: Cisco Certified Network Professional (CCNP), Cisco Certified Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), CompTIA Security+, CompTIA A+, Certified Ethical Hacker (CEH), Microsoft Certified Systems Engineer (MCSE), Microsoft Certified Solutions Developer (MCSD), and Microsoft Certified Database Administrator (MCDBA). He passed the written portion of the CCIE certification and he is studying for the practical lab component.

Richard Bedwell (CCNP, CCDP, JNCIS) has worked for the US Department of Defense for more than 10 years, supporting network administration, security, and engineering in multiple environments and locations throughout the world. He has provided maintenance, configuration, operational support, and engineering in voice, video, and data networks using multiple vender solutions for LAN, CAN, MAN, and WAN networks, primarily using Cisco Devices. Richard has a degree in business administration (BA), with a focus on Management Information Systems (MIS), from Tennessee Technological University in Cookeville. He holds the following certifications: Cisco Certified Network Associate (CCNA), CCNA Voice, CCNA Security, CCNA Wireless, Cisco Certified Design Associate (CCDA), Cisco Certified Network Professional (CCNP), Cisco Certified Design Professional (CCDP), CompTIA Security+, CompTIA Security+ CE, Juniper Network Certified Internet Specialist (JNCIS), and ITILv3 Foundations.

xxvi

■ about the authors

Noel Rivera is an IP lead analyst at CACI International, Inc. He was formerly a network systems engineer at Lockheed Martin and the US Department of Defense. Rivera has a bachelor’s degree in electrical and computing engineering from the University of Puerto Rico—Mayaguez, and master’s degrees in electrical, electronics and communications engineering and in computer science, both from John Hopkins University. He holds the following certifications: Cisco Certified Network Professional Routing and Switching/Security (CCNP), Certified Information Systems Security Professional (CISSP), VMWare Certified Professional 5—Data Center Visualization (VCP5-DC), CompTIA Security+, Certified Ethical Hacker (CEH), Cisco Certified Design Professional (CCDP), and Cisco ASA Specialist.

xxvii

About the Technical Reviewer

Evan Kwisnek currently works as a senior IT instructor for Wavefront Technologies, Inc. He is responsible for training and preparing DoD and military personnel to install, configure, and maintain global enterprise networks. He specializes in training individuals to integrate Voice over IP, video, and data networks with global reach-back capabilities. When not actively training, Evan provides technical and developmental support for training and documentation efforts. Evan previously served in the United States Army, where he was an electronics technician. Evan holds numerous certifications from vendors such as Cisco, CompTIA, VMware, and Microsoft.

xxix

Acknowledgments

First, I would like to thank God for giving me the strength to complete the large task of writing a book. I would like to thank my loving wife, Genna, for the support while I spent countless hours writing this book. Many thanks also must go out to my co-authors for contributing to this work. Thanks must also be given to my parents, Taylor and Lisa, and sister, Breanna, for all the support you have given me and importance you have placed on higher education. To my colleague Kelvin “KJ” Johnson, thanks for testing my labs and providing feedback, and Dieter, thanks for the support. And to my technical reviewer, Evan Kwisnek, thank you for all the feedback on the content and exercises in the book; this book is better because of your diligent reviews. I would like to send a big thanks to my publisher, Apress, for taking my book proposal and guiding me through the writing process. For anyone I missed, thank you all for your support and helping me become a better engineer! Last but not least, I can’t forget Bowman.

—Chris Carthern

xxxi

Introduction

Do you want to become a better and more efficient network engineer? If you answered yes to that question, then Cisco Networks: Engineers’ Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA is for you. You will learn intermediate and advanced concepts of configuring, managing, and troubleshooting Cisco networks. Most chapters provide examples of configuring network devices and include exercises to reinforce the concepts that were covered. Each exercise also includes a step-by-step solution to the question, in the event you are not able to solve the problem.

This book is meant to be a configuration guide, not geared toward certifications, with an emphasis on solving real-world day-to-day challenges. Although this book is not focused on certifications, readers will learn the skills and concepts needed to pass Cisco CCENT, CCNA, and CCNP certification exams. Readers will also learn how to build and configure at-home labs using virtual machines and lab exercises to practice advanced Cisco commands.

This book differentiates itself from other Cisco books on the market by approaching network security from a hacker’s perspective. Not only does it provide network security recommendations but it teaches you how to use such tools as oclHashcat, Loki, Burp Suite, Scapy, Metasploit, and Kali to actually test the security concepts learned. The book combines a black-hat perspective that most network engineers have a disconnect with unless they are network penetration testers. Cisco Networks not only discusses security but also provides the how-to on using the black-hat tools for network security testing.

The goal of this book is to eliminate the need to have three or four books in your library. The book covers commands related to Cisco IOS, NX-OS for datacenter installations, and ASA configurations. If you are a network engineer, or aspiring to be one, this book is for you.

Now on to Chapter 1.

Date post:	09-Apr-2018
Category:	Documents
Upload:	truongkhanh
View:	222 times
Download:	2 times

Engineers’ Handbook of Routing, Switching, and Security with …978-1-4842-0859-5/1.pdf ·...

Documents