- 2024-08-17NP2011-SW-22-VLAN跳跃攻击_VACL(VLAN-MAP)
vlan跳跃攻击打双层标记配置端口为access端口trunk模式最好是on关闭trunknegotiation本证vlan使用不用的vlan号配置trunk链路要设置允许哪些vlan通过交换机的aclipaclmacaclvlanacl配置access-list100permitip10.1.9.00.0.0.255anymacaccess-listextende
- 2024-08-17NP2011-SW-21-端口安全_AAA_802.1X
mac泛红攻击端口安全配置intf0/1descriptionaccessportswitchportmodeaccessswitchportaccessvlan2swichportport-securityswitchportport-securitymaximum2swichportport-securitymac-address0000.1111.2222switchportport-securitymac-address0000.11
- 2024-08-17NP2011-SW-24-交换机综合实验讲解1
交换机综合实验sw2:vlan10intf1/1swaccvlan10intvlan10ipadd192.168.1.1255.255.255.0sw4:vlan20intf1/1swmoaccswaccvlan20intvlan20ipadd192.168.2.1255.255.255.0r5:intlo0ipadd200.1.1.1255.255.255.0intf0/0noshipadd15.1.
- 2024-08-17NP2011-SW-23-DHCP Snooping_DAI_IP源保护
dhcp欺骗dhcpsnooping原理:一启用后,可以将交换机的端口分为trusted接口和untrusted接口,默认在交换机上启用后,所有接口变为untrusted接口,需要手工设置trunsted接口。对于untrusted接口,只能收到dhcp请求消息,drop掉dhcp的相应消息,并且也不会向这个接口发送出dhcp的请求消息。对于