Hacking Cisco Networks

Steve Dugan

An independent contract instructor and network engineer. He has been teaching Cisco networking for the last 20+ years. He created one of the first infrastructure attack and defense courses specifically targeting Cisco Systems equipment. Professionally he has been focused on Route and Switch, Collaboration, and Network Security. His students come mostly from Fortune 500 companies and large service providers. He also teaches private internal classes to Cisco Employees. As a Sr. Network Engineer he has worked on the design and implementation of large enterprise, government contractor, and service provider networks.

Course Schedule

The next scheduling of this dojo has yet to be decided.

Course Abstract

This class will cover a wide variety of the publicly available exploit tools and how they can be used specifically against a Cisco infrastructure. A majority of the class time will be spent doing practical labs. Therefore, a certain level of Cisco expertise will be expected. The training will also cover the possible defenses against these attacks.

Students will be using 2651 routers, and 1900 switches for their labs. The lab core will consist of 3600s, 2900s, 2500s and servers of various flavors. This class will focus on Cisco Router and Switch vulnerabilities and will not be covering PIX firewalls, VPN concentrators, or IDS tools.

Here is a list of some of the topics that will be covered:

• Ways of Password Nabbing

• Sniffing traffic on a switch

• VLAN Hopping and 802.1Q issues

• Root Bridge Takeovers

• Local and remote HSRP attacks

• Routing manipulation/injection with RIP, IGRP, EIGRP, OSPF

• BGP attacks

• SNMP Exploits

• Tunneling attacks

• DoS and DDoS issues and preventive methods

Course Pre-requisites

• Students will be required to bring their own laptops to (with appropriate caution) attach to the labs.