Blog posts tagged in netflow
Here is my list of the top ten security mistakes that IT staff make. These mistakes leave your network vulnerable to attack and compromise. Mistake #2: Failure to record flow information.
NetFlow is a powerful tool for exploring the data flows passing through a Cisco router or switch. Even if you do not own a commercial tool for collecting and reporting on NetFlow data, you can enable NetFlow on a device, enable it on selected interfaces, and use show commands to examine the data.
I've been doing more consulting work and am surprised by the number of organizations that don't use anti-spoofing filters within their networks. An anti-spoofing filter is placed on the input side of the router interface for a user subnet and allows through only packets whose source addresses are within the address range of that subnet. The intent is to exclude packets that have invalid source addresses. Just make sure that the filter doesn't exclude the multicast and broadcast addresses and routing protocol updates that are needed for normal network operations.