Layer 1 and 2 DoS Attacks: Difference between revisions

From charlesreid1

(Created page with "Denial of service at level 1 or 2 can take two forms. The first is a physical denial of service - this would be something like radio jamming or snipped network cables. This i...")
 
No edit summary
Line 3: Line 3:
The first is a physical denial of service - this would be something like radio jamming or snipped network cables. This is a physical means of preventing a sheep from connecting to a network or to other resources.
The first is a physical denial of service - this would be something like radio jamming or snipped network cables. This is a physical means of preventing a sheep from connecting to a network or to other resources.


The second is at the router level, and consists of tampering with the CAM table, which maps MAC addresses to IP addresses. Technically, this is really a level 3 attack, but since I can't think of any purely Level 2 DoS attacks... there you go.
The second is at the router level, and consists of tampering with the CAM table, which maps MAC addresses to IP addresses. (Note: technically, this is really a level 3 attack, but since I can't think of any purely Level 2 DoS attacks... there you go.)
 
CAM Overflow/MAC Flood: [[DoS/Mac Flood]]
* This type of attack is more useful in man-in-the-middle attacks, as a full CAM table does not break the router, it simply causes the router to broadcast traffic to all ports and all parties on the network.
* It can still be a useful mitigation technique, however, for routers on small networks that are logging MAC addresses of clients

Revision as of 07:56, 25 August 2016

Denial of service at level 1 or 2 can take two forms.

The first is a physical denial of service - this would be something like radio jamming or snipped network cables. This is a physical means of preventing a sheep from connecting to a network or to other resources.

The second is at the router level, and consists of tampering with the CAM table, which maps MAC addresses to IP addresses. (Note: technically, this is really a level 3 attack, but since I can't think of any purely Level 2 DoS attacks... there you go.)

CAM Overflow/MAC Flood: DoS/Mac Flood

  • This type of attack is more useful in man-in-the-middle attacks, as a full CAM table does not break the router, it simply causes the router to broadcast traffic to all ports and all parties on the network.
  • It can still be a useful mitigation technique, however, for routers on small networks that are logging MAC addresses of clients
Retrieved from "https://charlesreid1.com/w/index.php?title=Layer_1_and_2_DoS_Attacks&oldid=13316"