Welcome to Scribd!

Describing STP Security Mechanisms: Minimizing Service Loss and Data Theft in A Campus Network

Uploaded by

0% found this document useful (0 votes)

6 views9 pages

This document discusses various mechanisms for minimizing service loss and data theft in a campus network, including BPDU guard, BPDU filtering, and root guard. BPDU guard and filtering protect ports configured for rapid transitioning and help prevent switches from being added. Root guard prevents a port from becoming a root port or blocking root port. The document provides configuration commands and commands for verifying these security mechanisms.

Original Description:

Original Title

BCMSN30S08L04

Copyright

Available Formats

PPT, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as ppt, pdf, or txt

0% found this document useful (0 votes)

6 views9 pages

Describing STP Security Mechanisms: Minimizing Service Loss and Data Theft in A Campus Network

Uploaded by

rajkumarlodh

Copyright:

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as ppt, pdf, or txt

Jump to Page

You are on page 1of 9

Search inside document

Minimizing Service Loss and Data Theft in a Campus Network

Describing STP Security Mechanisms

Protecting the Operation of STP

Protection against switches

being added on PortFast ports.
• BPDU guard shuts ports
down.
• BPDU filter specifies action
to be taken when BPDUs are
received.
Enabling and Verifying BPDU Guard

Switch(config)#spanning-tree portfast bpduguard

• Enables BPDU guard

Switch#show spanning-tree summary totals

• Displays BPDU guard configuration information
Switch#show spanning-tree summary totals

Root bridge for: none.

PortFast BPDU Guard is enabled
Etherchannel misconfiguration guard is enabled
UplinkFast is disabled
BackboneFast is disabled
Default pathcost method used is short

Name Blocking Listening Learning Forwarding STP Active

-------------------- -------- --------- -------- ---------- ----------
34 VLANs 0 0 0 36 36
Describing BPDU Filtering
Switch(config)#spanning-tree portfast bpdufilter default

• Enables BPDU filtering

Switch#show spanning-tree summary totals
• Displays BPDU filtering configuration information
Switch#show spanning-tree summary totals
Root bridge for:VLAN0010
EtherChannel misconfiguration guard is enabled
Extended system ID is disabled
Portfast is enabled by default
PortFast BPDU Guard is disabled by default
Portfast BPDU Filter is enabled by default
Loopguard is disabled by default
UplinkFast is disabled
BackboneFast is disabled
Pathcost method used is long

Name Blocking Listening Learning Forwarding STP Active

---------------------- -------- --------- -------- ---------- ----------
2 vlans 0 0 0 3 3
Describing Root Guard
Describing Root Guard Configuration Commands

Switch(config-if)#spanning-tree guard root

• Configures root guard

Switch#show running-config interface fa 0/1

Switch#show spanning-tree inconsistentports

• Verifies root guard

Verifying Root Guard
Switch#show running-config interface interface mod/port

• Displays interface configuration information

Switch#show spanning-tree inconsistentports

• Displays information about ports in inconsistent states

Switch#show running-config interface fastethernet 5/8
Building configuration...
Current configuration: 67 bytes
!
interface FastEthernet5/8
switchport mode access
spanning-tree guard root
Switch#show spanning-tree inconsistentports
Name Interface Inconsistency
-------------------- ---------------------- ------------------
VLAN0001 FastEthernet3/1 Port Type Inconsistent
VLAN0001 FastEthernet3/2 Port Type Inconsistent
VLAN1002 FastEthernet3/1 Port Type Inconsistent

Number of inconsistent ports (segments) in the system :3

Summary

• BPDU guard and BPDU filtering protect the operation of STP on

PortFast-configured ports.
• When BPDU guard is configured globally, it affects all PortFast
configured ports.
• BPDU guard can be configured per port, even on those ports not
configured with PortFast.
• BPDU filtering can be configured globally or
per port.
• The root switch cannot be elected via BPDUs received on a root-
guard-configured port.
• Root guard can be configured and verified using various commands.

Movie Analysis Assignment
Document3 pages
Movie Analysis Assignment
Dawn Caldeira
67% (3)
Micro Qs
Document40 pages
Micro Qs
Liz
100% (1)
3 7 5 EtherChannel
Document9 pages
3 7 5 EtherChannel
shareefgs5560
No ratings yet
Packet Tracer LAB
Document38 pages
Packet Tracer LAB
AsamiYamanaka
No ratings yet
Describing STP Security Mechanisms: Minimizing Service Loss and Data Theft in A Campus Network
Document9 pages
Describing STP Security Mechanisms: Minimizing Service Loss and Data Theft in A Campus Network
ThanhNN0312
No ratings yet
Cis187 4 PVST RSTP
Document66 pages
Cis187 4 PVST RSTP
Juni Cluters
No ratings yet
Show Spanning-Tree: Syntax Description
Document4 pages
Show Spanning-Tree: Syntax Description
Tinh Buon
No ratings yet
How To Improve and Harden Spanning-Tree Configuration Configuration Note Dec 08 A4
Document12 pages
How To Improve and Harden Spanning-Tree Configuration Configuration Note Dec 08 A4
Aamir Majeed
No ratings yet
L2 Forwarding Table Security Acls Qos Acls
Document13 pages
L2 Forwarding Table Security Acls Qos Acls
David Zambrano
No ratings yet
Troubleshooting Case Study: RADULKO Transport: CCNP TSHOOT: Maintaining and Troubleshooting IP Networks
Document30 pages
Troubleshooting Case Study: RADULKO Transport: CCNP TSHOOT: Maintaining and Troubleshooting IP Networks
Austin Spiller
No ratings yet
STP
Document3 pages
STP
PRABHAT KUMAR
No ratings yet
STP (Spanning Tree Protocol) Attack
Document7 pages
STP (Spanning Tree Protocol) Attack
sethkartikeya08
No ratings yet
Section 1.1: Configure The ACME Headquarters Network (AS 12345) As Per The Following Requirements
Document59 pages
Section 1.1: Configure The ACME Headquarters Network (AS 12345) As Per The Following Requirements
dimkatsar30
No ratings yet
Layer 2 Security: Topology
Document3 pages
Layer 2 Security: Topology
Lupita Vázquez
No ratings yet
ENCOR - Chapter - 3 - Advanced STP Tuning
Document34 pages
ENCOR - Chapter - 3 - Advanced STP Tuning
wonde
No ratings yet
Troubleshooting STP Issues
Document6 pages
Troubleshooting STP Issues
Trending Duniya
No ratings yet
PT Activity: Layer 2 Security: Instructor Version
Document4 pages
PT Activity: Layer 2 Security: Instructor Version
Edwin Marin
No ratings yet
Chapter 3: Advanced STP Tuning: CCNP Enterprise: Core Networking
Document34 pages
Chapter 3: Advanced STP Tuning: CCNP Enterprise: Core Networking
Phan Sư Ýnh
No ratings yet
Understanding Switch Security Issues: Minimizing Service Loss and Data Theft in A Campus Network
Document69 pages
Understanding Switch Security Issues: Minimizing Service Loss and Data Theft in A Campus Network
Arun Joy
No ratings yet
ENCOR Chapter 3
Document28 pages
ENCOR Chapter 3
Adrian Arreaga
No ratings yet
Chapter 3: Advanced STP Tuning: CCNP Enterprise: Core Networking
Document34 pages
Chapter 3: Advanced STP Tuning: CCNP Enterprise: Core Networking
Trần Nga
No ratings yet
Configuring Optional STP Features: IOS Master Command List, Release 12.2SX at This URL
Document16 pages
Configuring Optional STP Features: IOS Master Command List, Release 12.2SX at This URL
Marcelo Canepa
No ratings yet
6.3.1.2 Packet Tracer - Layer 2 Security
Document5 pages
6.3.1.2 Packet Tracer - Layer 2 Security
tuantuan1996
100% (1)
6.5.1.2 Packet Tracer - Layer 2 Security - Instructor
Document12 pages
6.5.1.2 Packet Tracer - Layer 2 Security - Instructor
Renzon Coavas
100% (1)
14.9.10 Packet Tracer - Implement STP Security
Document2 pages
14.9.10 Packet Tracer - Implement STP Security
Test Mail
No ratings yet
STP Commands + Show + Timers + Port Roles
Document4 pages
STP Commands + Show + Timers + Port Roles
Luis Gonzalez
No ratings yet
Chapter - 3 - Advanced STP Tuning
Document40 pages
Chapter - 3 - Advanced STP Tuning
Ngoc Hai Tran
No ratings yet
LAB Inter Vlan Routing Using Layer 3 Switch
Document9 pages
LAB Inter Vlan Routing Using Layer 3 Switch
injectingfever
No ratings yet
6.3.1.2 Packet Tracer - Layer 2 Security - Instructor
Document5 pages
6.3.1.2 Packet Tracer - Layer 2 Security - Instructor
Eric Martial AZOMBO BALLA
No ratings yet
A Quick Reference
Document53 pages
A Quick Reference
Karachanidis Pantelis
No ratings yet
Case Study 3 Report
Document66 pages
Case Study 3 Report
Yichuan Fan
No ratings yet
2.3.1.5 Packet Tracer - Configuring PVST+ Instructions IG Mario
Document18 pages
2.3.1.5 Packet Tracer - Configuring PVST+ Instructions IG Mario
AR
No ratings yet
Chap 3 - Inplementing Spanning Tree
Document43 pages
Chap 3 - Inplementing Spanning Tree
danneco87
No ratings yet
Configuring Intervlan Routing Using An Internal Router (Layer 3 Card) On Catalyst 5500/5000 and 6500/6000 Switches That Run Catos System Software
Document14 pages
Configuring Intervlan Routing Using An Internal Router (Layer 3 Card) On Catalyst 5500/5000 and 6500/6000 Switches That Run Catos System Software
vijay6996
No ratings yet
Spanning Tree Protocol (STP)
Document28 pages
Spanning Tree Protocol (STP)
Claudio Guzman
No ratings yet
Lab6 Seguridad STP
Document7 pages
Lab6 Seguridad STP
Ricardo Esteban Vera Alvarez
0% (1)
Lab Switching Router
Document31 pages
Lab Switching Router
emerson
No ratings yet
CCNA Command Cheat Sheet
Document33 pages
CCNA Command Cheat Sheet
Lumin Han
100% (1)
Configuring Optional STP Features
Document16 pages
Configuring Optional STP Features
Syed Ali Raza Gardezi
No ratings yet
Spanning Tree
Document44 pages
Spanning Tree
Subchan Rohib
No ratings yet
20240327-Day 4 Advanced STP Tuning
Document17 pages
20240327-Day 4 Advanced STP Tuning
rully_panjaitan6072
No ratings yet
ch03 Key Topics
Document7 pages
ch03 Key Topics
Junior Souleymane Sore
No ratings yet
Packet Tracer - Layer 2 Security: (Instructor Version)
Document17 pages
Packet Tracer - Layer 2 Security: (Instructor Version)
giovanni saldarriaga
No ratings yet
Network Design Using Access Controls and Voip
Document46 pages
Network Design Using Access Controls and Voip
RasakiRraski
100% (2)
Spanning Tree Enhancements
Document20 pages
Spanning Tree Enhancements
wingenius
No ratings yet
Assist 2.2 Lab - Configuring Rapid PVST+, PortFast, and BPDU Guard
Document18 pages
Assist 2.2 Lab - Configuring Rapid PVST+, PortFast, and BPDU Guard
rewdas
No ratings yet
DCCN - Lab 4-B Extended VLAN
Document6 pages
DCCN - Lab 4-B Extended VLAN
sunena224
No ratings yet
Types of Network: Institute of Electrical and Electronics Engineer IEEE 802.3 Standard Coaxial, Twisted Pair, Fiber
Document22 pages
Types of Network: Institute of Electrical and Electronics Engineer IEEE 802.3 Standard Coaxial, Twisted Pair, Fiber
goku
No ratings yet
6.5.1.2 Packet Tracer - Layer 2 Security - Instructor
Document8 pages
6.5.1.2 Packet Tracer - Layer 2 Security - Instructor
Kazuo Taro Yami
No ratings yet
STP - RSTP - MSTP Comparison Lab
Document28 pages
STP - RSTP - MSTP Comparison Lab
bruce flores
No ratings yet
HUAWEI Vs CISCO
Document5 pages
HUAWEI Vs CISCO
Jairo Alfonso Avila
No ratings yet
6.5.1.2 Packet Tracer - Layer 2 Security
Document14 pages
6.5.1.2 Packet Tracer - Layer 2 Security
Andres Mora
No ratings yet
Network Design Using Access Controls and Voip: Saurav Kumar Pandey
Document46 pages
Network Design Using Access Controls and Voip: Saurav Kumar Pandey
LK AnhDung
No ratings yet
Switch Final Exam CCNP 6
Document13 pages
Switch Final Exam CCNP 6
Jhon Garcia
No ratings yet
Ccna Lab Guide
Document13 pages
Ccna Lab Guide
Ahmed Mahmoud Ahmed
100% (1)
2.3.1.5 Packet Tracer - Configuring PVST+ Instructions
Document3 pages
2.3.1.5 Packet Tracer - Configuring PVST+ Instructions
JonathanBilbrey
No ratings yet
2.3.2.3 Lab - Configuring Rapid PVST+, PortFast, and BPDU Guard - ILM PDF
Document28 pages
2.3.2.3 Lab - Configuring Rapid PVST+, PortFast, and BPDU Guard - ILM PDF
Maksim Korsakov
91% (56)
STP Spanning Tree Protocol Step by Step Configuration Tutorial
Document12 pages
STP Spanning Tree Protocol Step by Step Configuration Tutorial
Vicky Vaio
No ratings yet
Router Super Doc
From Everand
Router Super Doc
Ashlan Chidester
No ratings yet
SPANNING TREE PROTOCOL: Most important topic in switching
From Everand
SPANNING TREE PROTOCOL: Most important topic in switching
Mulayam Singh
No ratings yet
WAN TECHNOLOGY FRAME-RELAY: An Expert's Handbook of Navigating Frame Relay Networks
From Everand
WAN TECHNOLOGY FRAME-RELAY: An Expert's Handbook of Navigating Frame Relay Networks
Mamta Devi
No ratings yet
First Hop Redundancy Protocol: Network Redundancy Protocol
From Everand
First Hop Redundancy Protocol: Network Redundancy Protocol
Mulayam Singh
No ratings yet
4 Computational Tools and Resources in Plant Genome Informatics
Document1 page
4 Computational Tools and Resources in Plant Genome Informatics
rajkumarlodh
No ratings yet
ISCW10S02L06
Document3 pages
ISCW10S02L06
rajkumarlodh
No ratings yet
ISCW10S03L05
Document2 pages
ISCW10S03L05
rajkumarlodh
No ratings yet
Configuring Ipsec Site-To-Site VPN Using SDM
Document35 pages
Configuring Ipsec Site-To-Site VPN Using SDM
rajkumarlodh
No ratings yet
2 Handbook of Plant Biotechnology: KC012 WL052A June 16, 2003 15:25 Char Count 0
Document1 page
2 Handbook of Plant Biotechnology: KC012 WL052A June 16, 2003 15:25 Char Count 0
rajkumarlodh
No ratings yet
Ipsec Components and Ipsec VPN Features
Document45 pages
Ipsec Components and Ipsec VPN Features
rajkumarlodh
No ratings yet
Computational Tools and Resources in Plant Genome Informatics 3
Document1 page
Computational Tools and Resources in Plant Genome Informatics 3
rajkumarlodh
No ratings yet
14 Handbook of Plant Biotechnology
Document1 page
14 Handbook of Plant Biotechnology
rajkumarlodh
No ratings yet
Implementing Advanced Cisco IOS Features: Configuring DHCP: Manipulating Routing Updates
Document15 pages
Implementing Advanced Cisco IOS Features: Configuring DHCP: Manipulating Routing Updates
rajkumarlodh
No ratings yet
Describing Topologies For Facilitating Remote Connections: Teleworker Connectivity
Document12 pages
Describing Topologies For Facilitating Remote Connections: Teleworker Connectivity
rajkumarlodh
No ratings yet
Explaining BGP Concepts and Terminology
Document16 pages
Explaining BGP Concepts and Terminology
rajkumarlodh
No ratings yet
Introducing Traffic Policing and Shaping: Implement The Diffserv Qos Model
Document27 pages
Introducing Traffic Policing and Shaping: Implement The Diffserv Qos Model
rajkumarlodh
No ratings yet
Configuring Basic BGP Operations
Document42 pages
Configuring Basic BGP Operations
rajkumarlodh
No ratings yet
Explaining EBGP and IBGP: Implementing BGP
Document9 pages
Explaining EBGP and IBGP: Implementing BGP
rajkumarlodh
No ratings yet
Configuring Cisco Easy VPN and Easy VPN Server Using SDM: Ipsec Vpns
Document56 pages
Configuring Cisco Easy VPN and Easy VPN Server Using SDM: Ipsec Vpns
rajkumarlodh
No ratings yet
Cisco High Availability Options: Ipsec Vpns
Document22 pages
Cisco High Availability Options: Ipsec Vpns
rajkumarlodh
No ratings yet
BSCI30S05L05
Document2 pages
BSCI30S05L05
rajkumarlodh
No ratings yet
Controlling Routing Update Traffic
Document24 pages
Controlling Routing Update Traffic
rajkumarlodh
No ratings yet
ISCW10S02 Teleworker Connectivity
Document135 pages
ISCW10S02 Teleworker Connectivity
rajkumarlodh
No ratings yet
Configuring CBWFQ and LLQ: Implement The Diffserv Qos Model
Document28 pages
Configuring CBWFQ and LLQ: Implement The Diffserv Qos Model
rajkumarlodh
No ratings yet
Site-To-Site Ipsec VPN Operation
Document27 pages
Site-To-Site Ipsec VPN Operation
rajkumarlodh
No ratings yet
Configuring Gre Tunnels Over Ipsec
Document39 pages
Configuring Gre Tunnels Over Ipsec
rajkumarlodh
No ratings yet
Configuring WFQ: Implement The Diffserv Qos Model
Document16 pages
Configuring WFQ: Implement The Diffserv Qos Model
rajkumarlodh
No ratings yet
Understanding Wan Link Efficiency Mechanisms: Implement The Diffserv Qos Model
Document24 pages
Understanding Wan Link Efficiency Mechanisms: Implement The Diffserv Qos Model
rajkumarlodh
No ratings yet
Introducing Congestion Avoidance: Implement The Diffserv Qos Model
Document39 pages
Introducing Congestion Avoidance: Implement The Diffserv Qos Model
rajkumarlodh
No ratings yet
Course Administration Guide: Building Scalable Cisco Internetworks
Document17 pages
Course Administration Guide: Building Scalable Cisco Internetworks
rajkumarlodh
No ratings yet
BCMSN30S08L07
Document2 pages
BCMSN30S08L07
rajkumarlodh
No ratings yet
BSCI30S06L06
Document2 pages
BSCI30S06L06
rajkumarlodh
No ratings yet
DigitalMedia Agency Family Tree
Document1 page
DigitalMedia Agency Family Tree
lbhat
100% (5)
Pfi Es-3 (2000)
Document4 pages
Pfi Es-3 (2000)
Esteban Calderón Navarro
No ratings yet
Fce Tests
Document5 pages
Fce Tests
KimLiênNguyễn
100% (1)
The Mineral Industry of Cambodia
Document6 pages
The Mineral Industry of Cambodia
AC-ARIZONACOWBOY
No ratings yet
Transaction Confirmation Report en GB 2c6183
Document1 page
Transaction Confirmation Report en GB 2c6183
sophochinchaladze
No ratings yet
ODEROI Adolescent Study Fact Sheet: Indian Ocean
Document9 pages
ODEROI Adolescent Study Fact Sheet: Indian Ocean
HayZara Madagascar
No ratings yet
GO Ms No 38
Document93 pages
GO Ms No 38
Subhash
No ratings yet
Salazar vs. Achacoso, 183 SCRA 145
Document7 pages
Salazar vs. Achacoso, 183 SCRA 145
Inez Pads
No ratings yet
Quieting of Title
Document9 pages
Quieting of Title
Lo
No ratings yet
05 - Worksheet - 1 - Tamayo
Document1 page
05 - Worksheet - 1 - Tamayo
alexandra tamayo
No ratings yet
A Summary Critique - The Works of M. Scott Peck by Howard Pepper
Document4 pages
A Summary Critique - The Works of M. Scott Peck by Howard Pepper
thunderdome
No ratings yet
PADDY
Document18 pages
PADDY
mgt2019007
No ratings yet
Pancard Clubs NCLT Order
Document31 pages
Pancard Clubs NCLT Order
Mr. AbhirBhandary NMAMIT IS
No ratings yet
A Descriptive Catalogue of Sinhalese Pali and Sinhalese Literary v1 1000691126
Document282 pages
A Descriptive Catalogue of Sinhalese Pali and Sinhalese Literary v1 1000691126
Asgiriye Seelananda
100% (1)
Psychiatry P R N Principles Reality Next Steps Juliet Hurn Laurence Church Roxanne Keynejad Sarah Stringer
Document53 pages
Psychiatry P R N Principles Reality Next Steps Juliet Hurn Laurence Church Roxanne Keynejad Sarah Stringer
marsha.beaver589
100% (5)
Assignment: Rights Definition and Types
Document5 pages
Assignment: Rights Definition and Types
Shahana
No ratings yet
NBP
Document29 pages
NBP
Dewan Naeem Shahbaz
No ratings yet
Cloud Storage Limit Monitoring Measures
Document3 pages
Cloud Storage Limit Monitoring Measures
esatjournals
No ratings yet
Writing Women's Rites: Excision in Experimental African Literature
Document11 pages
Writing Women's Rites: Excision in Experimental African Literature
M. L. Landers
No ratings yet
Green Belt
Document149 pages
Green Belt
SUVADIP BHOWMIK
100% (2)
Chen References 2023
Document12 pages
Chen References 2023
phoenix.beronio
No ratings yet
List of Law Firms
Document18 pages
List of Law Firms
Reena Shau
No ratings yet
Aff - Human Germline Genetic Engineering - MSDI 2022
Document97 pages
Aff - Human Germline Genetic Engineering - MSDI 2022
HyperrealH
No ratings yet
OP56
Document2 pages
OP56
Divya Goyal
No ratings yet
BDA WLXControl EN v38
Document86 pages
BDA WLXControl EN v38
Wagdy Khater
No ratings yet
Implementing ERP in Organizations
Document12 pages
Implementing ERP in Organizations
prachi_rane_4
No ratings yet
(Richard Rawles) Callimachus
Document146 pages
(Richard Rawles) Callimachus
amany taha
100% (1)