Manuals / Brands / Computer Equipment / Network Router / Cisco Systems / Computer Equipment / Network Router

Cisco Systems RVS4000RF 1) MAC Address Spoofing, 2) Data Sniffing, 3) Man in the middle attacks

1 195

Download 195 pages, 4.1 Mb

Planning Your Virtual Private Network (VPN)

Why do I need a VPN ?

Cisco RVS4000 Security Router with VPN Administrator Guide 14

3

1) MAC Address Spoofing

Packets transmitted over a network, either your local network or the Internet, are

preceded by a packet header. These packet headers contain both the source and

destination information for that packet to transmit efficiently. A hacker can use this

information to spoof (or fake) a MAC address allowed on the network. With this

spoofed MAC address, the hacker can also intercept information meant for

another user.

2) Data Sniffing

Hackers use data “sniffing” to obtain network data as it travels through unsecured

networks, such as the Internet. Tools for just this kind of activity, such as protocol

analyzers and network diagnostic tools, are often built into operating systems and

allow the data to be viewed in clear text.

3) Man in the middle attacks

Once the hacker has either sniffed or spoofed enough information, he can now

perform a “man in the middle” attack. Hackers use this attack when data is

transmitted from one network to another, by rerouting the data to a new

destination. Even though the data never reaches its intended recipient, it appears

successful to the person who sent the data.

These are only a few of the methods hackers use, and they are always developing

more. Without the security of your VPN, your data is constantly open to such

attacks as it travels over the Internet. Data travelling over the Internet often passes

through many different servers around the world before reaching its final

destination. That’s a long way to go for unsecured data and this is when a VPN

serves its purpose.

Contents

Main Page Page Firewall 46 ProtectLink 57 VPN 58 QoS 67 Administration 72 Chapter 6: Using the VPN Setup Wizard 98 Appendix A: Troubleshooting 116 Appendix B: Using Cisco QuickVPN for Windows 2000, XP, or Vista 133 Appendix C: Configuring IPSec with a Windows 2000 or XP Computer 142 Appendix D: Gateway-to-Gateway VPN Tunnel 166 Appendix E: Cisco ProtectLink Web Service 182 Appendix F: Specifications 190 Appendix G: Where to Go From Here 194 Product Resources 194 Related Documentation 195 Introduction Networking and Security Basics An Introduction to LANs The Use of IP Addresses The Intrusion Prevention System (IPS) Page Planning Your Virtual Private Network (VPN) Why do I need a VPN? 1) MAC Address Spoofing 2) Data Sniffing 3) Man in the middle attacks What is a VPN? VPN Router to VPN Router Computer (using the Cisco QuickVPN Client software) to VPN Router Getting Started with the RVS4000 Router Front Panel Getting Started with the RVS4000 Router Back Panel Back Panel Placement Options Desktop Option Stand Option Wall Option Installing the Router Configuring the Router Page Setting Up and Configuring the Router Setup Setup > Summary System Information Port Statistics Network Setting Status Firewall Setting Status IPSec VPN Setting Status Log Setting Status Setup > WAN Static IP PPPoE PPTP Heart Beat Signal L2TP Page Optional Settings (Required by some ISPs) Page Page IPv4 Server Settings (DHCP) Static IP Mapping IPv6 DHCPv6 Setup > DMZ Setup > MAC Address Clone Setup > Advanced Routing Operating Mode Dynamic Routing Static Routing Inter-VLAN Routing Setup > Time Setup > IP Mode Firewall Firewall > Basic Settings Page Firewall > IP Based ACL Editing IP ACL Rules Page Firewall > Internet Access Policy Page Page Firewall > Single Port Forwarding Firewall > Port Range Forwarding Firewall > Port Range Triggering ProtectLink ProtectLink > ProtectLink Purchase VPN VPN > Summary Tunnel Status VPN Clients Status Page Local Group Setup Remote Group Setup IPSec Setup Status VPN > VPN Client Accounts VPN Client List Table Certificate Management VPN > VPN Passthrough QoS QoS > Bandwidth Management Bandwidth Bandwidth Management Type Rate Control Priority QoS > QoS Setup CoS Setup QoS > DSCP Setup Administration Administration > Management Router Access SNMP UPnP Administration > Log Log Setting Email Alerts Syslog Local Log Administration > Diagnostics Ping Test Parameters Traceroute Test Parameters Cable Diagnostics Administration > Backup & Restore Restore Configuration Administration > Factory Default Administration > Reboot Administration > Firmware Upgrade Page IPS IPS > Configuration Anomaly Detection IPS > P2P/IM Peer to Peer Instant Messenger IPS > Report Page IPS > Information L2 Switch L2 Switch > Create VLAN Page L2 Switch > VLAN Port Setting L2 Switch > VLAN Membership L2 Switch > RADIUS L2 Switch > Port Setting L2 Switch > Statistics Statistics Overview L2 Switch > Port Mirroring L2 Switch > RSTP Status Status > Gateway Internet Connection IP Conntrack Status > Local Network Using the VPN Setup Wizard VPN Setup Wizard Running the VPN Setup Wizard Page Page Page Page Page Page Page Page Page Building Your VPN Connection Remotely Page Page Page Page Page Page A Troubleshooting I need to set a static IP address on a PC. Windows 2000 Windows XP I want to test my Internet connection. Windows 2000 Windows XP I am not getting an IP address on the Internet with my Internet connection. I am not able to access the routers configuration utility Setup window. I cant get my Virtual Private Network (VPN) to work through the router. I need to set up a server behind my router. I need to set up online game hosting or use other Internet applications. I cant get an Internet game, server, or application to work. I forgot my password or the password prompt always appears when saving settings to the router. I am a PPPoE user and I need to remove the proxy settings or the dial- up pop-up window. To start over, I need to set the router to factory default. I need to upgrade the firmware. The firmware upgrade failed. My DSL services PPPoE is always disconnecting. I cant access my email, web, or VPN, or I am getting corrupted data from the Internet. I need to use port triggering. When I enter a URL or IP address, I get a time-out error or am prompted to retry. Frequently Asked Questions Page Page Page Page B Using Cisco QuickVPN for Windows 2000, XP, or Vista Page Installing the Cisco QuickVPN Software Installing from the CD-ROM Page Downloading and Installing from the Internet Using the Cisco QuickVPN Software Page Page Distributing Certificates to QuickVPN Users Page C Configuring IPSec with a Windows 2000 or XP Computer Introduction Environment Windows 2000 or Windows XP RVS4000 How to Establish a Secure IPSec Tunnel Establishing a Secure IPSec Tunnel Filter List 1: win -> router Page Page Filter List 2: router -> win Page Page Tunnel 1: win->Router Page Page Page Page Tunnel 2: Router->win Page Page Page Page Page Page Page Page Page D Gateway-to-Gateway VPN Tunnel Configuration when the Remote Gateway Uses a Static IP Address Page Page Page Page Configuration when the Remote Gateway Uses a Dynamic IP Address Page Page Page Page Configuration When Both Gateways Use Dynamic IP Addresses Page Page Page Page E Cisco ProtectLink Web Service How to Access the Configuration Utility How to Purchase, Register, or Activate the Service ProtectLink Page How to Use the Service ProtectLink > Web Protection Page Web Protection URL Filtering Business Hour Setting Web Reputation Approved URLs Approved Clients URL Overflow Control ProtectLink > License License License Information F Specifications Specifications Performance Setup/Config Management Security Features QoS Network VPN Routing Layer 2 Environmental Specifications are subject to change without notice. G Where to Go From Here Product Resources G Related Documentation