FRAME - MAC ADDRESS THREATS & VULNERABILITIES
ETHERNET FRAMES - MAC SUBLAYER - 802.3
By Marc-Andre Heroux
CGEIT, CISA, CRMA, CRMP, ABCP, CISSP, NSA-IAM, NSA-IEM
V. 1.0
Security & Compliance Advisor
EXAMPLE OF THE USE OF MAC ADDRESS AT THE LAYER 2 FRAME
• In this demonstration, machine2.mydomain.net (IP: 10.0.0.2) is sending to machine3.mydomain.net (IP: 10.0.1.2).
• A router/firewall works at layer 3 with datagrams, which have two components: a header and a payload. Ethernet works at layer 2 (data link layer) with frames, and the Address Resolution Protocol (ARP) is used (e.g. for MAC address resolution).
All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0
[Diagram labels: 10.0.0.2; "What is MAC address of 10.0.1.2?"; 10.0.1.2; Initial transmission request; Frame sent to all ports; Broadcasting]
EXAMPLE OF THE USE OF MAC ADDRESS AT THE LAYER 2 FRAME
MAC ADDRESS DESCRIPTION
HOW FRAMES ARE SENT? MAN-IN-THE-MIDDLE ATTACK
• If the switch ARP cache table does not contain any entry for 10.0.1.2, the frame is sent to all ports. If any IP address corresponds to 10.0.1.2, the ARP reply will contain the destination MAC. If not found at the switch level, the frame will be sent to all ports. If a switch or a router is connected, it will receive the ARP request.
[Diagram labels: 10.0.0.2; "What is MAC address of 10.0.1.2?"; 10.0.1.2; Uses its own source MAC when sending request; Initial transmission request; Frame sent to all ports; Broadcasting; MAC not found. Callout: Potential man-in-the-middle attack on MAC header in the data payload section.]
EXAMPLE OF THE USE OF MAC ADDRESS AT THE LAYER 2 FRAME
• The router will then respond with its MAC and the switch will update its table. A new MAC header will usually be created, frames will be sent to the router, and the discovery/transmission will continue to the next hop. In our example, we have many organizational routable subnets divided by routers and connected to various switches.
[Diagram labels: 10.0.0.2; "What is MAC address of 10.0.1.2?"; MAC not found; 10.0.1.2; Uses its own source MAC when sending request; Initial transmission request; Frame sent to all ports; Broadcasting. Callout: Potential man-in-the-middle attack on MAC header in the data payload section.]
CONCLUSION
• Prevent threat agents from connecting to your local network and avoid many incidents against Ethernet frames;
• Detect and stop abnormal activities;
• Most networks run IPv4 and use ARP. The same principles exist for IPv6 and the Neighbor Discovery Protocol (NDP).
Monitoring, Logging, Detection, Correlation, Alerting, Correction
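The "detect abnormal activities" step, as an added example that is not part of the original slides: a Python monitor that parses captured Ethernet/ARP frames and raises alerts when the MAC header and the ARP payload disagree, when a reply answers no observed request, or when a known IP-to-MAC binding changes. The IP addresses follow the slides; the MAC addresses, the capture records and all function and class names are constructed for illustration.

```python
import struct

ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def ip_str(raw):
    return ".".join(str(b) for b in raw)

def parse_arp_frame(frame):
    """Parse an untagged Ethernet II frame carrying IPv4 ARP; return None otherwise."""
    if len(frame) < 42:                      # 14-byte MAC header + 28-byte ARP payload
        return None
    eth_dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"eth_src": mac_str(eth_src), "eth_dst": mac_str(eth_dst), "op": op,
            "sender_mac": mac_str(sha), "sender_ip": ip_str(spa),
            "target_mac": mac_str(tha), "target_ip": ip_str(tpa)}

class ArpMonitor:
    """Tracks IP-to-MAC bindings and outstanding requests seen on one segment."""

    def __init__(self):
        self.bindings = {}     # sender IP -> first MAC observed for it
        self.pending = set()   # (requester IP, requested IP) awaiting a reply

    def inspect(self, frame):
        """Return a list of (code, detail) alerts for one captured frame."""
        arp = parse_arp_frame(frame)
        if arp is None:
            return []
        alerts = []
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        # The MAC header and the ARP payload each carry a source MAC; they should agree.
        if arp["eth_src"] != mac:
            alerts.append(("HEADER_PAYLOAD_MISMATCH", f"{arp['eth_src']} vs {mac}"))
        if arp["op"] == ARP_REQUEST:
            self.pending.add((ip, arp["target_ip"]))
        elif arp["op"] == ARP_REPLY:
            asked = (arp["target_ip"], ip)
            if asked in self.pending:
                self.pending.discard(asked)
            else:
                alerts.append(("UNSOLICITED_REPLY", f"{ip} is-at {mac}"))
        known = self.bindings.get(ip)
        if known is None:
            if ip != "0.0.0.0":              # ARP probes carry no sender IP to learn
                self.bindings[ip] = mac
        elif known != mac:
            # Keep the first binding; a change is an event to correlate, not to trust.
            alerts.append(("BINDING_CHANGED", f"{ip}: {known} -> {mac}"))
        return alerts

def _mac(text):
    return bytes.fromhex(text.replace(":", ""))

def _ip(text):
    return bytes(int(part) for part in text.split("."))

def sample_frame(eth_src, eth_dst, op, sha, spa, tha, tpa):
    """Build one constructed capture record (sample data for the monitor)."""
    return (_mac(eth_dst) + _mac(eth_src) + struct.pack("!H", ETHERTYPE_ARP)
            + struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + _mac(sha) + _ip(spa) + _mac(tha) + _ip(tpa))

# Constructed addresses: the IPs follow the slides, the MACs are made up.
HOST, ROUTER = "02:00:00:00:00:02", "02:00:00:00:00:01"
OTHER, CLAIMED = "02:00:00:00:00:99", "02:00:00:00:00:98"
BCAST, ZERO = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
CAPTURE = [
    sample_frame(HOST, BCAST, ARP_REQUEST, HOST, "10.0.0.2", ZERO, "10.0.1.2"),
    sample_frame(ROUTER, HOST, ARP_REPLY, ROUTER, "10.0.1.2", HOST, "10.0.0.2"),
    sample_frame(OTHER, HOST, ARP_REPLY, CLAIMED, "10.0.1.2", HOST, "10.0.0.2"),
]

def run_capture(frames):
    """Feed frames through one monitor; return the alert codes raised per frame."""
    monitor = ArpMonitor()
    return [[code for code, _ in monitor.inspect(f)] for f in frames]

if __name__ == "__main__":
    for codes in run_capture(CAPTURE):
        print(codes)
```

Legitimate events such as a replaced network card or a failover also change bindings, so these alerts are inputs to the correlation and alerting stages rather than verdicts on their own.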
