[Security] How secure is Data Link Layer?

-
Networking Self-Teaching Guide: OSI, TCP/IP, LAN's, MAN's, WAN's, Implementation, Management, and Maintenance (Wiley Self Teaching Guides)
It's time to get deeper in security. After check about encryption tools, now we will have a look on its concepts. Most of you have heard the OSI Layers. The O.S.I. model (O.S.I. - Open System Interconnection) is a way of sub-dividing a System into smaller parts (called layers) from the point of view of communications. 


A layer is a collection of conceptually similar functions that provide services to the layer above it and receives services from the layer below it. On each layer an instance provides services to the instances at the layer above and requests service from the layer below.

For example, a layer that provides error-free communications, across a network provides the path needed by applications above it, while it calls the next lower layer to send and receive packets that make up the contents of the path. Conceptually two instances at one layer are connected by a horizontal protocol connection on that layer.


Time has passed but did anything change about Layer 2? As a matter of fact, it did! Layer 2 intrinsics functioning may be the same but it could be more vulnerable than before. Auditors continue to look for the procedures book to identify possible risks or flaws, on how vulnerable your network is to the unexpected hacker according to what their auditing manual said.


The Data Link Layer of the OSI model is responsible for communications between adjacent network nodes. Switches operate at the Data Link Layer. It is further more responsible for monitoring,correcting the flow of data as well as errors that creep up in transmission of data . It employs the use of block and convoluted coding to check the flow and error mechanism in transmission of data. Data link layer consists of two sub-layers:

  • Logical Link Control (LLC) sublayer
  • Medium Access Control (MAC) sublayer.

TCP/IP Illustrated, Vol. 1: The ProtocolsLLC sublayer provides interface between the media access methods and network layer protocols such as internet protocol which is a part of TCP/IP protocol suite. LLC sublayer determines whether the communication is going to be connectionless or connection-oriented at the data link layer. MAC sublayer is responsible for connection to physical media. At the MAC sublayer of data link layer, the actual physical address of the device,called the MAC address, is added to the frame (which contains the packets inside). The frame contains all the information necessary to travel from source device to destination device. Each time a frame is created while it travels the path, it gets stamped with the MAC address of the last sending device in the "source" address, whereas the "destination" address gets the MAC of the adjacent receiving device. In simple words, a frame is needed to carry packets between two adjacent devices where they get discarded and recreated each time they are received/sent. MAC address is the 12 digit hexadecimal number unique to every computer in this world. A device's MAC address is located on its Network Interface Card (NIC). In these 12 digits of MAC address, the first six digits indicate the NIC manufacturer and the last six digits are unique. For example, 32-14-a6-42-17-0c is a 12 digit hexadecimal MAC address. Thus MAC address represents the physical address of a device in the network.


Truth been told, we are always concerned about our routers, their policies, who have access to it and rule's prevalences order according to the user's manual of our preferred device manufacturer.Probably all this is justified by historical data. At the beginning there was no network, no protocols, no risk. Eventually technology developed and network focuses on the main devices tiding everything up (broadband connections, redundant -dual ISP- routers, etc) and dump devices (as switches, for example) were overlooked.

Have you realized the importance of your switch and its impact on your network? Do you remember the OSI model, its layers and how they interact with each other? Data Link Layer 2 was not built in with security features, plus layers do not share security information with each other so that each layer look for specifics on its security but do not interact with other layers to provide them with feedback of possible security breaches.Well, again, technology has evolved and now manageable switches allows you to take close control of what's taking place on Layer 2, data link.

Network Security BibleSecurity has always focus on checking and double checking the transport, network and application layer but not the data link layer which is commonly attacked by either ARP positioning, MAC flooding, Port Stealing, Denial of Service (DoS), MAC cloning, Hijacking, Multicast Brute Force, Frame Stress attack, etc. ARP (Address Resolution Protocol), a stateless protocol, is responsible for binding MAC addresses with IP addresses. This binding process takes places without any level of security or authentication.


ARP broadcast a request over the network trying to find a target who's MAC address, once identified, is attached to a specific temporal IP address. At this point the identification process is recorded on an ARP cache that converts IP address to MAC address, this is call positioning. Since no authentication mechanism has been activated at this point, a cloned MAC address would easily compromise the system's security.

Several alternatives are widely available to improve layer's 2 security. Intrusion Detection Systems (IDSs) can be configured to listen traffic on the ARP protocol, allowing you to take action over that traffic.

Proper implementation of VLAN's can also provide some additional security on traffic on this Layers. The fact is that network security specialists should pay close attention to Layer 2 when working on new network's designs. This will minimize risk or potential attackers.

Comments

Post a Comment

Popular posts from this blog

[Utility] Some file recovery

-
Now we will share you some utilities software  for your computer. Sooner or later the vast majority become familiar with the significance of backups. Odds are you as of now have something set up, maybe utilizing a cloud-based program, for example, Google Drive, Dropbox, or Microsoft's OneDrive. You may have everything routinely spared to a USB stick or to an hard drive too. You may even have each of the three in play. However, while upload-download documents and folders over numerous gadgets makes it simple to spare them, it sadly additionally makes it simple to erase them coincidentally. Attempting to sort out and revamp files and folders is an incredible method to coincidentally lose a significant files, just to acknowledge what happened past the point of no return. This is the where some greate file recovery can make their mark, and keeping in mind that there are some costly paid plans, we're going to list the some of the file recevory software here: 1. ...
Read more

[MOBILE APPS] Quik; Free mobile video editor that anyone can use

-
Image
It's time for another freeware , this time is for mobile platform. It's anything but difficult to shoot recordings on your Android telephone, yet making them look astonishing is a lot trickier. That is the reason you require a free video altering application.  With one of these convenient editors on your telephone, you can change your clasps to flawlessness before transferring them to Facebook, Instagram, Twitter or YouTube.  Video altering applications are so helpful, it's nothing unexpected that the Google Play Store is stuffed with them. That is the reason we've selected the plain best ones, and put them through hell so you can pick the one that suits the manner in which you shoot.  Quik is a fundamental video altering application that basically anybody can utilize. In any case, it doesn't accompany propelled highlights that you can discover with other video altering applications out there. It works by giving you a chance to choose a cluster of ph...
Read more

[FREEWARE] How to download PC games FREE and LEGAL

-
Yes.. it is FREE and LEGAL !!! And it's legit info! Not just some freewares , but some real games for PC. Here is some places where you can download PC games for free legally. 1. Huge collection .. classic to new games ..  Ocean of Games The website has a large collection of games that can be downloaded without signing up. You can find the latest editions of popular games such as Far Cry, Grand Theft Auto, Resident Evil and many more. All were free .. all were legal to download. 2. Retro games .. classic games .. My Abandonware With more than 14000 games available that have been abandoned by their developers, you can play download some of the classics such as Need For Speed, Warcraft, Lemmings, The Incredible Machine, etc. 3. Steam .. you all know it ..   Steamgifts You can learn how to become a member, how to sponsor giveaways, or how to use Steamgifts through their FAQ section. The link to your steam account is needed so that the community members can find your...
Read more