AuditCasts with David Hoelzer

#33: Analyzing Layer 2 with Wireshark


Layer 2 management protocols like STP, MSTP, TRILL, SPB, CDP, VTP, HSRP, etc., should never be visible on user-facing ports. There are some technical challenges when deploying something like VoIP in a converged network solution, but barring this, having these protocols exposed is an easy-to-find and obvious indication of misconfiguration.
In this short video we take a quick introductory look at Wireshark, cover a few of its features, and see easy ways to find these packets if they are visible. We also talk about how a network engineer or security engineer would weed out traffic, identifying interesting traffic that does not belong.
This video is a sample of one of the labs covered in the SANS Advanced Audit course (AUD507) by David Hoelzer. Visit http://www.sans.org for more information!
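The check described above can also be scripted. The following is an added example, not material from the video or the course: it classifies raw Ethernet frames captured on a user-facing port by their well-known destination MAC, LLC/SNAP header, or UDP port. It covers only STP (MSTP and RSTP share the same address and LLC values), CDP, VTP, and HSRP; the function names and sample frames are constructed for illustration.

```python
import struct
from collections import Counter

# Well-known identifiers (IEEE and Cisco assignments)
STP_DST = bytes.fromhex("0180c2000000")    # IEEE bridge group address
CISCO_DST = bytes.fromhex("01000ccccccc")  # Cisco multicast used by CDP and VTP
CISCO_SNAP_PIDS = {0x2000: "CDP", 0x2003: "VTP"}
HSRP_PORT = 1985                           # HSRP runs over UDP port 1985

def classify(frame: bytes):
    """Return the management protocol carried by a raw Ethernet frame, or None."""
    if len(frame) < 14:
        return None
    dst, type_len = frame[:6], struct.unpack("!H", frame[12:14])[0]
    payload = frame[14:]
    if type_len <= 1500:  # 802.3 length field, so an LLC header follows
        if dst == STP_DST and payload[:2] == b"\x42\x42":
            return "STP"  # DSAP/SSAP 0x42 carries spanning tree BPDUs
        if dst == CISCO_DST and len(payload) >= 8 and payload[:6] == b"\xaa\xaa\x03\x00\x00\x0c":
            return CISCO_SNAP_PIDS.get(struct.unpack("!H", payload[6:8])[0])
        return None
    if type_len == 0x0800 and len(payload) >= 20 and payload[9] == 17:  # IPv4 + UDP
        udp = payload[(payload[0] & 0x0F) * 4:][:8]  # skip the IP header (IHL words)
        if len(udp) == 8 and struct.unpack("!H", udp[2:4])[0] == HSRP_PORT:
            return "HSRP"
    return None

def _eth(dst, body, ethertype=None):
    src = bytes.fromhex("020000000001")  # constructed locally administered MAC
    field = ethertype if ethertype is not None else len(body)
    return dst + src + struct.pack("!H", field) + body

def sample_frames():
    """Constructed frames (not a real capture) as seen on one access port."""
    ip = bytes([0x45, 0, 0, 48, 0, 0, 0, 0, 1, 17, 0, 0, 192, 0, 2, 1, 224, 0, 0, 2])
    udp = struct.pack("!HHHH", 1985, 1985, 28, 0) + bytes(20)
    return [
        _eth(STP_DST, b"\x42\x42\x03" + bytes(35)),
        _eth(CISCO_DST, b"\xaa\xaa\x03\x00\x00\x0c\x20\x00" + bytes(20)),
        _eth(CISCO_DST, b"\xaa\xaa\x03\x00\x00\x0c\x20\x03" + bytes(20)),
        _eth(bytes.fromhex("01005e000002"), ip + udp, 0x0800),
        _eth(bytes.fromhex("ffffffffffff"), bytes(46), 0x0806),  # ARP-sized, benign
    ]

def audit(frames):
    """Count management-protocol frames; any hit on a user port is a finding."""
    return dict(Counter(name for name in map(classify, frames) if name))

if __name__ == "__main__":
    print(audit(sample_frames()))
```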