Network Hardening of Multilayer Switch

Abstract: In today’s computer networking and industrial networking, security holds a significant role in keeping the entire network safe from malicious users or attackers from remote locations. Using vulnerability scanners and a port scanner it is possible to detect vulnerabilities on the network equipment before an attacker finds the vulnerability and exploits it. In this thesis network hardening has been conducted through a case study on a multilayer switch, with the intent to discover vulnerabilities related to gaining unauthorized access to the device during operation. The tools included in this process involves vulnerability scanner Nessus, Metasploit project and Nmap to cover a wide scope of known vulnerabilities detectable with these tools. The results gathered from the vulnerability scans detects vulnerabilities on the device of various types that could assist an attacker, as they tried to breach the device, this method to approach network hardening shows that different types of vulnerabilities can be detected on the device. To be able to detect more in-depths vulnerabilities and being able to track distinct attacks such as Denial of Service (DoS) additional tools needs to be added to cover a wider scope of attack vectors on the device. With further enhancements to the set of tools to detect vulnerabilities, it will be able to cover a much larger scope of different attack vectors and contribute more towards finding vulnerabilities.