Publisher: Cisco Press
The majority of security books reviewed on Help Net Security are focused on specific technologies, software platforms and hot security issues everyone is talking about. Cisco Press has a rather extensive line of books discussing their networking and security products, and their publications often provide information on some lower-level security issues. "LAN Switch Security" is a perfect example of this kind of publication - authors Vyncke and Paggen are here to tell you why Ethernet switches are not inherently secure.
About the authors
Eric Vyncke works as a Distinguished Consulting Engineer for Cisco. Eric wrote the security section of Networks: Internet, Telephony, Multimedia: Convergences and Complementarities, and has a master's degree in Computer Science Engineering from the University of Liège.
Christophe Paggen is a technical marketing engineer at Cisco focusing on high-end firewalls. He has a degree in computer science from IESSL in Liège and a master's in economics from University of Mons-Hainaut.
Inside the book
The book primarily addresses network architects with knowledge of Ethernet switching techniques and basic security concepts. Even so, the first couple of introductory chapters cover the elementary switching methods, so advanced users can pretty much skip the "Back to Basics" section.
Very early in the book the authors get their hands dirty with practical examples of attacking the state of your LAN switch security. The first attack targets the Spanning Tree Protocol, an OSI layer-2 protocol that ensures a loop-free topology for any bridged LAN. As always with Cisco Press publications, each of the specific topics is thoroughly inspected with a load of text, screenshots and command line usage.
Following the same attack description concept, the authors cover DHCP weaknesses and the IPv4 Address Resolution Protocol. While each of these sections discusses its topic in an easy-to-follow way, don't expect in-depth coverage of these issues. The book has 18 chapters spread over 360 pages, so the content is not meant to serve as a step-by-step guide.
The rest of the "Vulnerabilities and Mitigation Techniques" part of the title deals with networking matters such as router advertisements, resiliency of HSRP, bringing VRRP down and information leaks in Cisco ancillary protocols.
The second part of the book extends the reader's knowledge of Denial of Service attacks that can affect switches in your network. The authors provide a wealth of information on the scenarios that can happen and the techniques you can use to minimize the problems that can occur.
In the final couple of chapters you will learn how to use Ethernet switches to enhance a network's overall security, as well as get some information on the future of LAN security by reading about the IEEE 802.1AE encryption specification.
I really liked the practical way the authors present the information throughout the book. "LAN Switch Security" is a very informative Cisco Press publication that provides its readers with rather interesting and sometimes unique insights into security aspects of LAN switches.