Menu:
Overview: 0:00
Testing network before attack: 2:09
Kali Linux Rogue DHCP server demo: 3:39
Enable and verify DHCP Snooping: 7:38
Enable trusted port: 11:52
DHCP Option 82 issues and fix: 12:58
Rate Limit Interfaces to Stop DOS attack: 16:15
======================
I hope you like these:
======================
DHCP Snooping Guide: bit.ly/dhcpsnooping
Packet Tracer initial lab: bit.ly/2Rpxium
Packet Tracer completed lab: bit.ly/2vnmKDH
Packet Tracer Answer video: ua-cam.com/video/u3EmleryJ9A/v-deo.html
======================
Referenced Videos:
======================
DHCP Attacks and MITM: ua-cam.com/video/g9OGphrEMb0/v-deo.html
DHCP Basics: ua-cam.com/video/Dp2mFo3YSDY/v-deo.html
EVE-NG: ua-cam.com/video/FDbgTlr-tnw/v-deo.html
GNS3: ua-cam.com/video/Ibe3hgP8gCA/v-deo.html
Kali: ua-cam.com/video/K1bMSPje6pw/v-deo.html
sir you are the best networking instructor right now !
Outstanding content thanks so much for these videos and the quality of them and all the supporting materials.
Thank you Aaron. Do you like the PDF file I shared?
Yes, although I prefer the ability to work on these ideas myself in packet tracer obviously it is very useful to have the cli commands in the form of the pdf file on dropbox.
@@aaronmckeever3601 Thank you Aaron. I am trying something new with the PDF.
Thank you very much David this was very helpful and informative, please do upload more of these videos.
Thank you Michael.
Your videos are so professional, thanks a lot David not only for this video but all of them. Greetings from Poland.
Thank you Lucas
@@davidbombal Sir, I found that when I use a 2960 in Packet Tracer I have to set the access port as a trusted port for snooping too, while the same switch config works with a 3560 with no access port as trusted. When no access port is trusted on the 2960, the client does not get an IP and the packet is dropped at the switch, but with a trusted access port it works. Is this a Packet Tracer issue?
I watch every video you post.
Thank you for so nice, in-depth training/videos.
Awesome video. Really solidifies the CCNA concepts...
David you are an incredible teacher, thanks so much for the wonderful content!!!
Thank you for the content David. Looking forward to that series of Kali videos!
Thank you Anthony
thanks for going back to your old videos style i really enjoyed this video
Thank you Mostafa. Please explain to me what you like / don't like? The DNS video covered a lot of technical details later in the video. However, not everyone watching has lots of technical knowledge and thus I have to start slowly and cover the basics.
@@davidbombal I watched the DNS video again and I realized what annoyed me: it was the in-video sponsor talk. One second I'm focusing and suddenly I lose concentration. I think that is what made me stop watching after 6 minutes, but it was a good video and yes, it covered a lot of technical knowledge.
I'm sorry if I made you feel bad, and thank you.
@@mostafaadel6027 Thank you for the feedback. Appreciate it. Yes, sponsored videos are hard - difficult to get the balance right. Next time I'll put the sponsored part at the end I think... but not sure sponsors will like that. I'll try different options in future. No one likes adverts, but ads pay the bills in a lot of cases - hence the success of YouTube and other free platforms.
@@davidbombal I know it's important. If you can just put it in one place at the beginning, even that will be okay; we are used to these ads at the beginning of videos.
The thing is, I watch your videos with all of me to understand everything and enjoy it.
Again, make your sponsored videos, we will support it. Sir, you're one of the best content creators now in my opinion and I really want you to continue and grow.
@@mostafaadel6027 Thank you
Another challenging topic demystified. Great job.
Thank you
thanks a lot, David for this video on DHCP attack by KALI Linux, I have a request can you please make a video on Bitwarden Open Source Password Manager, complete explanation and if possible little more deep dive on the self-hosting part.
Awesome tutorial, love not editing out the issues that may arise(Virtually)... Great real world training 👍
Thank you Orley. Agreed - better to see the problems I think.
David.. where is the PowerPoint presentation with the list of commands used that you referred to??
Thank you a lot for the professional video, is there any way to investigate the loop in a network including more than 50 switches?
Woow, good you added the files. Great thanks as always. I will definitely add this to my labs today.
Glad you like the files Zadkiel. Let me know what you think and if there is anything else I should add to make the videos more useful.
Hi David, were the nodes on this lab all virtualized on GNS3? Or were you using hardware?
Hi, I like your lecture so much. My question is: for this lecture, did you use GNS3 or another program? Also, in GNS3 is there any possibility of using a Windows PC as you are showing there?
Thanks a lot sir for posting this kind of videos. You are awesome. We need more stuff like this..
Thank you Krishnendu
Thanks so much for the wonderful content!
thanks David looking for your new journeys,
God bless you man
Very good information for beginners!
Glad you liked it video Ten
@@davidbombal thanks! I'm working as a Network engineer / Network security engineer and CyberSec since 2005 and I like it)) and GNS3 is a very good platform for training! Good luck!
Thank you so much sir , keep making videos , its very helpful and thank you again
awesome explication sir
Thank You David :)
Great Video Dave...
Thank you Joseph
David, I doubt you're gonna see this but I have a question, is it possible to launch a rogue DHCP server attack over the internet (WAN)? no one I know of has gained access to my network equipment however I keep getting notifications from my UDM stating that there may be a Rogue DHCP on the network. Any insight would be incredibly helpful, thank you
Thanks for the video, but if port security is configured on the switch then illegal Mac addresses won't even be allowed to connect? So port security alone can prevent ARP poisoning?
Thank you David. 🙏🏼
Thank you for watching Dilum
Very informative!
Thank you
Hello, David.
Could you please share with me the image you use to work with Kali Linux? Thanks for your time.
Thanks David
Thank you for watching :)
You are the best
Thank you Danial
Is there a way to do this configuration using the router's built-in firewall?
Nice video, thanks. Can you expand on this: dhcp server running on core switch stack, and clients on another switch connected to core stack?
Can you elaborate a bit more? Are you asking how to set up a DHCP server on a core switch and then have other switches with multiple VLANs forward the DHCP requests to that server?
I was thinking a Windows AD server serving DHCP that is connected to the core switch. I would have DHCP snooping trust that port. On corresponding switches that are connected to the core, would I have to trust the interface coming from the core as well?
David Bombal I was thinking a Windows AD server serving DHCP that is connected to the core switch. I would have DHCP snooping trust that port. On corresponding switches that are connected to the core, would I have to trust the interface coming from the core as well?
David, last week I had a question and you asked me to expand:
I was thinking a Windows AD server serving DHCP that is connected to the core switch. I would have DHCP snooping trust that port. On corresponding switches that are connected to the core (downstream), would I have to trust the interface coming from the core as well?
Yes. You will need to trust all ports towards the DHCP server.
David Bombal thank you!
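The trust placement confirmed in the reply above, sketched as Cisco IOS configuration. This is an added example, not taken from the video or from any commenter; the interface numbers, VLAN 10, a DHCP server in the same VLAN as the clients, and the choice to turn off Option 82 insertion on the access switch are all assumptions.

```cisco
! ===== Core switch (constructed example) =====
! Enable snooping globally and on the client VLAN (VLAN 10 is an assumption).
ip dhcp snooping
ip dhcp snooping vlan 10
!
interface GigabitEthernet1/0/1
 description Windows AD / DHCP server
 ! Server replies (OFFER/ACK) arrive here, so this port must be trusted.
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/24
 description Downlink to access switch
 ! Left untrusted: no legitimate DHCP server is reachable through this port.
!
! ===== Access switch (downstream of the core) =====
ip dhcp snooping
ip dhcp snooping vlan 10
! Assumption: stop this switch inserting Option 82 so the core's untrusted
! downlink does not drop client requests that carry it with giaddr 0.0.0.0.
no ip dhcp snooping information option
!
interface GigabitEthernet0/24
 description Uplink to core (path towards the DHCP server)
 ! Server replies enter the access switch on this port, so it is trusted.
 ip dhcp snooping trust
!
interface range GigabitEthernet0/1 - 23
 description Client access ports
 ! Untrusted by default: server-type messages received here are dropped.
 ! Rate value 10 matches the one quoted elsewhere in this thread.
 ip dhcp snooping limit rate 10
!
! ===== Verification (run on each switch) =====
! show ip dhcp snooping           -> lists VLANs, trusted ports, rate limits
! show ip dhcp snooping binding   -> shows leases learned on untrusted ports
```

Only the ports on the path towards the server are trusted; every client-facing port stays untrusted so a rogue server plugged into one of them cannot answer requests.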
Nice video, no giveaway today??
I can unfortunately not always give stuff away.
@@davidbombal I never ever have won one so always looking for it, lol
@@labeveryday5279 I understand that. Hopefully be able to organize a lot more giveaways in 2020
love this man
Thank you
What exactly loopback IP is used for??
thanks a lot.
Nice content but unable to download your powerpoint or pdf file , please look into it
IP Mastet :) thnx David
Hey David,
Is there a chance to meet you at Cisco Live in Barcelona?
I am unfortunately not attending this year. But, hope you enjoy it!
Hi, bitly considered your pdf dangerous and the completed lab too. Can you fix? thanks.
I guess MITM attacks are less effective when the traffic is encrypted.
❤️
In the 5:50 how can u access to that place?
Is that DHCP Spoofing Attack?
Thanks, from tuesday 🎊, next video VxLAN ? xD
lol... maybe...
After the port is shut down by the DHCP_SNOOPING_RATE_LIMIT_EXCEEDED, does it return to normal operation after a while? or do I have to "shut" then "no shut" to restore the interface?
You could configure it to auto recover after a period of time:
errdisable recovery cause dhcp-rate-limit
errdisable recovery interval 30
interface GigabitEthernet 0/1
ip dhcp snooping limit rate 10
From Cisco's website:
"When a secure port is in the error-disabled state, you can bring it out of this state automatically by configuring the errdisable recovery cause dhcp-rate-limit global configuration command or you can manually reenable it by entering the shutdown and no shut down interface configuration commands. If a port is in per-VLAN errdisable mode, you can also use clear errdisable interface name vlan range command to re-enable the VLAN on the port."
Link: www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/53SG/configuration/config/dhcp.html
Kali buggy? Naw...
lol... never happens - right! :)
Vg
Thanks David