Infrastructure Security: Devices and Media • Chapter 6  371

                 Routers


Routers are a critical part of all networks and can be both a security aid and a security vulnerability. A router basically has two or more network interfaces through which network traffic is forwarded or blocked. They are often used to segment networks into smaller subnets or to link multiple networks together. The router decides how and when to forward packets between the networks based on an internal routing table. This routing table tells the router which packets to forward. The routing table can be either static, where each route is explicitly defined, or dynamic, where the router learns new routes by using routing protocols. In addition to the routing table, a typical router also supports access control lists (ACLs) that specify which packets to allow or explicitly block. Every packet going through a router will be checked against the ACL to see if the packet is allowed to be forwarded, and also checked against the routing table to determine where to forward the packet if allowed. The routing table also tells the router which network(s) exist on which interfaces, and enables the router to put the packet on the appropriate interface.



                 EXAM WARNING
                      Routers are an important part of your network infrastructure and just
                      like any other device, they are vulnerable to a variety of attacks. You
                      should be aware of some of the basic vulnerabilities of routers and how
                      to compensate for those vulnerabilities. Keep this type of information in
                      mind for all network devices, and you will be better prepared for the
                      exam.




Head of the Class…

Defining an ACL for a Cisco Router

There are two types of access lists available to filter traffic on Cisco routers. The simplest is a standard access list, which allows technicians to filter traffic from specific addresses or subnet ranges. Cisco also provides extended access lists, which allow technicians to filter based on a variety of criteria. The extended access list allows technicians to use source addresses, destination addresses, and specific network services (such as POP3) as the basis of filtering rules.

After an ACL has been defined, it is applied to a specific interface on the router and designated whether the ACL applies to inbound or outbound traffic. The following command is used to define a standard access list:

Continued
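The ACL-then-routing-table processing described in the Routers section and the standard versus extended access lists in the sidebar, as an added Python model that is not code from the book or from Cisco: an entry that names only a source network behaves like a standard list, extended entries add destination, protocol and port, the list ends with an implicit deny, and a permitted packet is sent out the longest-prefix route. The interface names, addresses and the POP3 rule are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

Net = ipaddress.IPv4Network


@dataclass
class AclEntry:
    # A standard entry sets only src; an extended entry may also match
    # destination, protocol and destination port.
    action: str                  # "permit" or "deny"
    src: Net
    dst: Optional[Net] = None
    proto: Optional[str] = None  # e.g. "tcp", "udp"
    dport: Optional[int] = None

def acl_matches(entry: AclEntry, pkt: dict) -> bool:
    """True when every field the entry specifies matches the packet."""
    return (ipaddress.ip_address(pkt["src"]) in entry.src
            and (entry.dst is None or ipaddress.ip_address(pkt["dst"]) in entry.dst)
            and (entry.proto is None or pkt.get("proto") == entry.proto)
            and (entry.dport is None or pkt.get("dport") == entry.dport))

def acl_permits(acl: list, pkt: dict) -> bool:
    """First matching entry wins; an ACL ends with an implicit deny."""
    for entry in acl:
        if acl_matches(entry, pkt):
            return entry.action == "permit"
    return False

def lookup_route(routes: list, dst: str) -> Optional[str]:
    """Longest-prefix match over (network, interface) pairs."""
    addr = ipaddress.ip_address(dst)
    candidates = [r for r in routes if addr in r[0]]
    return max(candidates, key=lambda r: r[0].prefixlen)[1] if candidates else None

def forward(acl: list, routes: list, pkt: dict) -> Optional[str]:
    """Egress interface for the packet, or None if the ACL drops it."""
    return lookup_route(routes, pkt["dst"]) if acl_permits(acl, pkt) else None


# Constructed sample policy (hypothetical addresses): block POP3 from the
# 10.1.1.0/24 subnet into the 192.168.2.0/24 server subnet, allow the rest.
ACL = [AclEntry("deny", Net("10.1.1.0/24"), Net("192.168.2.0/24"), "tcp", 110),
       AclEntry("permit", Net("0.0.0.0/0"))]
ROUTES = [(Net("192.168.2.0/24"), "eth1"), (Net("192.168.0.0/16"), "eth2"),
          (Net("0.0.0.0/0"), "eth0")]  # last entry is the default route
```

Note that a packet with no matching route is dropped even when the ACL permits it, which is why `lookup_route` returns `None` rather than guessing an interface.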

                                                                              www.syngress.com