January 17, 2012

1.2.6 Port Security

Port security works at level 2 of the OSI model and allows an administrator to configure switch ports to  only certain MAC addresses that can use the port.

MAC Limiting and Filtering limit access to the network to MAC addresses that are known, and filter out those that are not.

MAC filtering is not foolproof, and a quick look in a search engine will turn up tools that can be used to change the MAC address and help miscreants circumvent this control.

Disable Unused Ports. All ports not in use should be disabled. Otherwise, they present an open door for an attacker to enter.

References:

  • CompTIA Security+ Study Guide: Exam SY0-301, Fifth Edition by Emmett Dulaney

No comments:

Post a Comment