Eric Vyncke Book order (chronological)

"The authors describe best practices for identifying and resolving weaknesses as you maintain a dual stack network. Then they describe the security mechanisms you need to implement as you migrate to an IPv6-only network. The authors survey the techniques hackers mightuse to try to breach your network, such as IPv6 network reconnaissance, address spoofing, traffic interception, denial of service, and tunnel injection." "The authors also turn to Cisco products and protection mechanisms. You learn how to use Cisco IOS and ASA firewalls and ACLs to selectively filter IPv6 traffic. You also learn about securing hosts with Cisco Security Agent 6.0 and about securing a network with IOS routers and switches. Multiple examples are explained for Windows, Linux, FreeBSD, and Solaris hosts. The authors offer detailed examples that are consistent with today's best practices and easy to adapt to virtually any IPv6 environment."--BOOK JACKET.

Ethernet switches are not inherently secure, and vulnerabilities arise from their implementation and associated protocols like Spanning Tree Protocol (STP) and Address Resolution Protocol (ARP). This guide details these vulnerabilities and provides strategies to configure switches to prevent or mitigate attacks. It also discusses how to enhance network security using Ethernet switches. The content is divided into four parts: Part I identifies vulnerabilities in Layer 2 protocols and outlines configurations to prevent attacks; Part II focuses on denial-of-service (DoS) attacks and their mitigation; Part III explains how switches can enhance security through wirespeed access control list (ACL) processing and IEEE 802.1x for user authentication; and Part IV explores future developments from the LinkSec working group at IEEE. Most of the material is vendor-independent, making it valuable for all network architects deploying Ethernet switches. Readers will gain a comprehensive understanding of LAN security and be equipped to address the security gaps prevalent in many campus networks. The authors, Eric Vyncke and Christopher Paggen, bring extensive expertise in network security, with backgrounds in engineering and consulting roles at Cisco, complemented by contributions from other technical leaders in the field.