Sep 202017
 

Cisco MAC Address Port Security

We are going to configure basic, no frills, port security on the Cisco Catalyst 2960. From Understanding Port Security – Chapter 62 – Configuring Port Security

You can use port security with dynamically learned and static MAC addresses to restrict a port’s ingress traffic by limiting the MAC addresses that are allowed to send traffic into the port. When you assign secure MAC addresses to a secure port, the port does not forward ingress traffic that has source addresses outside the group of defined addresses. If you limit the number of secure MAC addresses to one and assign a single secure MAC address, the device attached to that port has the full bandwidth of the port.
Continue reading »

Sep 172017
 

First step is connecting the Cisco console to our workstation. I chose to use the Console cable plugged into a Prolific Serial-to-USB adapter. While you can plug your adapter into your Windows workstation and connect via Putty I do not recommend it. Even at Windows 7 I have issues with the adapter and I’m not using one of those cheap Chinese knockoffs. Without fail my workstation will eventually BSoD. Lenovo work laptop or Acer personal laptop it doesn’t matter. I prefer to connect to my Ubuntu workstation and use minicom.
Continue reading »

Sep 172017
 

The following articles that I post will assist in getting your lab setup so you can test techniques to bypass port security. We will start simple and work our way up from “not really secure” to “a little bit more secure”. These tutorials will do the bare minimum to get the device configured. I will not detail any other steps or commands that don’t directly get the job done. My lab starts with a Cisco Catalyst 2960 Switch.
Continue reading »