dddd.eeee SecureConfigured Fa0/5 -
-------------------------------------------------------------------
Total Addresses in System (excluding one mac per port) : 0
SwitchX# sshh ppoorrtt--sseeccuurriittyy
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
(Count) (Count) (Count)
--------------------------------------------------------------------------
Fa0/5 1 1 0 Shutdown
---------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port) : 0
Max Addresses limit in System (excluding one mac per port) : 1024
182 Chapter 2: Ethernet LANs
Securing Unused Ports
In a home, an unlocked door can be a security risk. The same is true of an unused port on a
switch. A hacker can plug a switch into an unused port and become part of the network.
Therefore, unsecured ports can create a security hole. To prevent the issue, you should
secure unused ports by disabling unused interfaces (ports).
To disable an interface, use the shutdown command in interface con?¬?guration mode.
To restart, or bring up, a disabled interface, use the no form of this command: no
shutdown.
Summary of Understanding Switch Security
The key points that were discussed in the previous sections are as follows:
?– User and Privileged Passwords can be used to restrict access levels to users that have
different access needs for the device.
Pages:
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270