Layer 1 and 2 DoS Attacks: Difference between revisions

From charlesreid1

No edit summary
No edit summary
Line 7: Line 7:
CAM Overflow/MAC Flood: [[DoS/Mac Flood]]
CAM Overflow/MAC Flood: [[DoS/Mac Flood]]
* This type of attack is more useful in man-in-the-middle attacks, as a full CAM table does not break the router, it simply causes the router to broadcast traffic to all ports and all parties on the network.
* This type of attack is more useful in man-in-the-middle attacks, as a full CAM table does not break the router, it simply causes the router to broadcast traffic to all ports and all parties on the network.
* It can still be a useful mitigation technique, however, for routers on small networks that are logging MAC addresses of clients
* It can still be a useful mitigation technique, however. For routers on small networks that are logging MAC addresses of clients, one new mac address may

Revision as of 16:26, 25 August 2016

Denial of service at level 1 or 2 can take two forms.

The first is a physical denial of service - this would be something like radio jamming or snipped network cables. This is a physical means of preventing a sheep from connecting to a network or to other resources.

The second is at the router level, and consists of tampering with the CAM table, which maps MAC addresses to IP addresses. (Note: technically, this is really a level 3 attack, but since I can't think of any purely Level 2 DoS attacks... there you go.)

CAM Overflow/MAC Flood: DoS/Mac Flood

  • This type of attack is more useful in man-in-the-middle attacks, as a full CAM table does not break the router, it simply causes the router to broadcast traffic to all ports and all parties on the network.
  • It can still be a useful mitigation technique, however. For routers on small networks that are logging MAC addresses of clients, one new mac address may
Retrieved from "https://charlesreid1.com/w/index.php?title=Layer_1_and_2_DoS_Attacks&oldid=13318"