Understanding and Preventing Attacks at Layer 2 of the OSI Reference Model
نویسنده
چکیده
This session focuses on the security issues surrounding Layer 2, the data-link layer. With a significant percentage of network attacks originating inside the corporate firewall, exploring this soft underbelly of data networking is critical for any secure network design. Security issues addressed in this session include ARP spoofing, MAC flooding, VLAN hopping, DHCP attacks, and Spanning Tree Protocol concerns. Common myths about Ethernet switch security are confirmed or debunked, and specific security lockdown recommendations are given. Attack mitigation options include the new DHCP snooping and Dynamic ARP Inspection (DAI) functionality. Attendees can expect to learn Layer 2 design considerations from a security perspective and mitigation techniques for Layer 2 attacks.
منابع مشابه
A Human Factors Extension to the Seven-Layer OSI Reference Model
An extension to the seven-layer OSI Reference Model is proposed as a way to facilitate discussions between HCI (Human-Computer Interaction) practitioners on one hand, and application and network developers on the other. A new common conceptual ground can be used to understand how to link applications to human needs as a function of network capabilities. The framework also permits an understandi...
متن کاملModeling Host OSI Layers Cyber-Attacks Using System Dynamics
Cyber security modeling is the process of creating a normalized view of the cyber security situation. A typical cyber security model has information about the network infrastructure, security settings, and a list of possible vulnerabilities and threats. By using known vulnerabilities, and information about the infrastructure and security controls in place, the cyber security simulation allows a...
متن کاملAssessment of High and Low Rate Protocol-based Attacks on Ethernet Networks
The Internet and Web have significantly transformed the world’s communication system. The capability of the Internet to instantly access information at anytime from anywhere has brought benefit for a wide variety of areas including business, government, education, institutions, medical, and entertainment services. However, the Internet has also opened up the possibilities for hackers to exploit...
متن کاملWireless Mesh Network Cross-Layer Intrusion Detection
Intrusion is something which is unsolicited activity and which might be used to interrupt the functions of wireless network. If we talk about wireless networks, having centralized monitoring policy; therefore it is very much easy to detect and eliminate intrusions efficiently. But when we look forward to wireless scenario, especially in the multi hop wireless network, intrusion activities are m...
متن کاملVarious OSI Layer Attacks and Countermeasure to Enhance the Performance of WSNs during Wormhole Attack
Wireless sensor networks are networks having non wired infrastructure and dynamic topology. In OSI model each layer is prone to various attacks, which halts the performance of a network .In this paper several attacks on four layers of OSI model are discussed and security mechanism is described to prevent attack in network layer i.e wormhole attack. In Wormhole attack two or more malicious nodes...
متن کامل