_IOS Switch Commands-infosavvy

IOS Switch Commands

Switchport port-security

IOS Switch Commands, The switch port port-security command configures the port parameters to enable port security.

switchport port-security maximum 1

The switch port port-security maximum command configures the maximum number of secure MAC addresses for the port.

The switch port port-security maximum 1 command configures the maximum number of secure MAC addresses for the port as 1.

switchport port-security violation restrict

The switchport port-security violation command sets the violation mode and therefore the necessary action just in case of detection of a security violation.

The switch port port-security violation restrict command drops packets with unknown source addresses until a sufficient number of secure MAC addresses are removed.

Related Product:- Certified Ethical Hacker | CEH Certification

switchport port-security aging time 2

The switch port port-security aging time command configures the secure MAC address aging time on the port,

The switch port port-security aging time 2 command sets the ag’ng time as 2 minutes.

switchport port-security aging type inactivity

The switch port port-security aging type command configures the secure MAC address aging type on tne port.

switch port port-security mac-address sticky

Enables sticky learning on the interface by entering only the mac-address sticky keywords. When sticky learning is enabled, the interface adds all secure MAC addresses that are dynamically learned to the running configuration and converts these addresses to sticky secure MAC addresses.

Defend Against Rogue Server Attack

The DHCP snooping feature that is available on switches can mitigate against rogue DHCP servers. It is configured on the port on which the valid DHCP server is connected. Once configured, DHCP snooping does not allow other ports on the switch to respond to DHCP discover packets sent by clients. Thus, even an attacker who manages to build a rogue DHCP server and connects to the switch cannot respond to DHCP discover packets.

Also Read:- DHCP Request/Reply Messages

IOS Global Commands

  • IP DHCP snooping vlan 4,104

Enable or disable DHCP snooping on one or more VLANs.

  • No IP DHCP snooping information option

To disable the insertion and the removal of the option-82 field, use the no IP dhcp snooping information option in global configuration command.

  • IP DHCP snooping

Enable DHCP snooping option globally.

Questions related to this topic

  1. How do I enable DHCP snooping?
  2. What is IP DHCP pool command?
  3. How do I show DHCP in pool?
  4. What is the effect of entering the show ip DHCP snooping binding configuration command on a switch?

Learn CEH & Think like hacker



This Blog Article is posted by

Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092

Contact us – www.info-savvy.com

https://g.co/kgs/ttqPpZ

Leave a Comment