SlideShare ist ein Scribd-Unternehmen logo

Frame - MAC Address Threats & Vulnerabilities

Als PPTX, PDF herunterladen
Marc-Andre Heroux
Marc-Andre Heroux

Ethernet Frames - MAC Sublayer - 802.3 ARP spoofing / ARP pollution example

Technologie
1 von 6
FRAME - MAC ADDRESS THREATS & VULNERABILITIES ETHERNET FRAMES - MAC SUBLAYER - 802.3 By Marc-Andre Heroux CGEIT, CISA, CRMA, CRMP, ABCP, CISSP, NSA-IAM, NSA-IEM V. 1.0 Security & Compliance Advisor
EXAMPLE OF THE USE OF MAC ADDRESS AT THE LAYER 2 FRAME  In this demonstration, we have the machine2.mydomain.net (IP: 10.0.0.2) sending to machine3.mydomain.net (IP: 10.0.1.2).  Router/firewall uses datagrams at layer 3 with two components: a header and a payload. Ethernet works at layer 2 with frames (data link layer) and Address Resolution Protocol (ARP) is used (e.g.: MAC address resolution). All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0 10.0.0.2 What is MAC address of 10.0.1.2? 10.0.1.2 Initial transmission request Frame sent to all ports Broadcasting
EXAMPLE OF THE USE OF MAC ADDRESS AT THE LAYER 2 FRAME MAC ADDRESS DESCRIPTION All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0
HOW FRAMES ARE SENT? MAN-IN-THE-MIDDLE ATTACK  If the switch ARP cache table does not contain any entry for 10.0.1.2, the frame is sent to all ports. If any IP address corresponds to 10.0.1.2, the ARP reply will contain the destination MAC. If not found at the switch level, the frame will sent to all ports. If a switch or a router is connected, they will receive the ARP request. 10.0.0.2 What is MAC address of 10.0.1.2? Potential Man-In-THE-MIDDLE Attack on MAC HEADER IN the data payload section. All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0 10.0.1.2 Uses it’s own source MAC when sending request Initial transmission request Frame sent to all ports Broadcasting MAC not found
EXAMPLE OF THE USE OF MAC ADDRESS AT THE LAYER 2 FRAME  The router will then respond with it's MAC and the switch will update it’s table, a new MAC header will usually be created and frames will be sent to router and the discovery/transmission will continue to the next hop. In our example, we have many organizational routable subnets divided by routers and connected to various switches. 10.0.0.2 What is MAC address of 10.0.1.2? MAC not found Potential Man-In-THE-MIDDLE Attack on MAC HEADER IN the data payload section. All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0 10.0.1.2 Uses is own source MAC when sending request Initial transmission request Frame sent to all ports Broadcasting
CONCLUSION  Prevent threat agent to connect to your local network and avoid many incidents against Ethernet frame;  Detect and stop abnormal activities;  Most networks are running IPV4 and uses ARP. The same principles exist for IPV6 and Neighbor Discovery Protocol (NDP). Monitoring Logging Detection Correlation Alerting Correction All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0

Empfohlen

Basic Cisco 800 Router Configuration for Internet Access
Basic Cisco 800 Router Configuration for Internet AccessBasic Cisco 800 Router Configuration for Internet Access
Basic Cisco 800 Router Configuration for Internet AccessHarris Andrea
 
Vlan
VlanVlan
VlanPAF-KIET
 
CCNA Security configuration
CCNA Security configurationCCNA Security configuration
CCNA Security configurationRafat Khandaker
 
Configuring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA FirewallConfiguring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
 
Packet Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFPacket Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFRafat Khandaker
 
CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1Rafat Khandaker
 
Configuring dynamic switchport security
Configuring dynamic switchport securityConfiguring dynamic switchport security
Configuring dynamic switchport securityIT Tech
 
How to Configure Private VLANs on Cisco Switches
How to Configure Private VLANs on Cisco SwitchesHow to Configure Private VLANs on Cisco Switches
How to Configure Private VLANs on Cisco SwitchesHarris Andrea
 

Empfohlen

Basic Cisco 800 Router Configuration for Internet Access
Basic Cisco 800 Router Configuration for Internet AccessBasic Cisco 800 Router Configuration for Internet Access
Basic Cisco 800 Router Configuration for Internet AccessHarris Andrea
 
Vlan
VlanVlan
VlanPAF-KIET
 
CCNA Security configuration
CCNA Security configurationCCNA Security configuration
CCNA Security configurationRafat Khandaker
 
Configuring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA FirewallConfiguring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
 
Packet Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFPacket Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFRafat Khandaker
 
CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1Rafat Khandaker
 
Configuring dynamic switchport security
Configuring dynamic switchport securityConfiguring dynamic switchport security
Configuring dynamic switchport securityIT Tech
 
How to Configure Private VLANs on Cisco Switches
How to Configure Private VLANs on Cisco SwitchesHow to Configure Private VLANs on Cisco Switches
How to Configure Private VLANs on Cisco SwitchesHarris Andrea
 
2.3.1.5 packet tracer configuring rapid pvst+ answer
2.3.1.5 packet tracer configuring rapid pvst+ answer2.3.1.5 packet tracer configuring rapid pvst+ answer
2.3.1.5 packet tracer configuring rapid pvst+ answerNarayana Samy
 
Packet tracer practical guide
Packet tracer practical guidePacket tracer practical guide
Packet tracer practical guideNishant Gandhi
 
Pt using packettracer
Pt using packettracerPt using packettracer
Pt using packettracerssusera4b34f
 
Ccna 4 exam
Ccna 4 examCcna 4 exam
Ccna 4 examccnaguide
 
Wi fi hacking
Wi fi hackingWi fi hacking
Wi fi hackingHarshitParkar6677
 
6.switching vla ns
6.switching vla ns6.switching vla ns
6.switching vla nsCYBERINTELLIGENTS
 
Frame relay design
Frame relay designFrame relay design
Frame relay designBhargav Amin
 
Sniffing in a Switched Network
Sniffing in a Switched NetworkSniffing in a Switched Network
Sniffing in a Switched Networkamiable_indian
 
Networking
NetworkingNetworking
NetworkingPravesh Hidko
 
Cisco packet tracer router
Cisco packet tracer routerCisco packet tracer router
Cisco packet tracer routerrishi ram khanal
 
Free CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdfFree CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdfNetworkershome
 
Send me your echolocation
Send me your echolocationSend me your echolocation
Send me your echolocationFastly
 
M3 – cisco packet tracer lab
M3 – cisco packet tracer labM3 – cisco packet tracer lab
M3 – cisco packet tracer labDrew7Williams
 
Student packet tracer manual v1.1
Student packet tracer manual v1.1Student packet tracer manual v1.1
Student packet tracer manual v1.1milkux
 
Packet Tracer Tutorial # 1
Packet Tracer Tutorial # 1Packet Tracer Tutorial # 1
Packet Tracer Tutorial # 1Abdul Basit
 
Ccna 7 exam
Ccna 7 examCcna 7 exam
Ccna 7 examccnaguide
 
CCNP Troubleshooting
CCNP TroubleshootingCCNP Troubleshooting
CCNP TroubleshootingNetworkershome
 
designandimplementanetwork
designandimplementanetworkdesignandimplementanetwork
designandimplementanetworkAdi Fang
 
Free CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdfFree CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdfNetworkershome
 
CCNP Routing
CCNP Routing CCNP Routing
CCNP Routing Networkershome
 
Networking devices
Networking devices Networking devices
Networking devices Aswini Badatya
 
20 Common Ports and their Purposes
20 Common Ports and their Purposes20 Common Ports and their Purposes
20 Common Ports and their Purposesahmadsamer10
 

Weitere ähnliche Inhalte

Was ist angesagt?

2.3.1.5 packet tracer configuring rapid pvst+ answer
2.3.1.5 packet tracer configuring rapid pvst+ answer2.3.1.5 packet tracer configuring rapid pvst+ answer
2.3.1.5 packet tracer configuring rapid pvst+ answerNarayana Samy
 
Packet tracer practical guide
Packet tracer practical guidePacket tracer practical guide
Packet tracer practical guideNishant Gandhi
 
Pt using packettracer
Pt using packettracerPt using packettracer
Pt using packettracerssusera4b34f
 
Frame relay design
Frame relay designFrame relay design
Frame relay designBhargav Amin
 
Sniffing in a Switched Network
Sniffing in a Switched NetworkSniffing in a Switched Network
Sniffing in a Switched Networkamiable_indian
 
Cisco packet tracer router
Cisco packet tracer routerCisco packet tracer router
Cisco packet tracer routerrishi ram khanal
 
Free CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdfFree CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdfNetworkershome
 
Send me your echolocation
Send me your echolocationSend me your echolocation
Send me your echolocationFastly
 
M3 – cisco packet tracer lab
M3 – cisco packet tracer labM3 – cisco packet tracer lab
M3 – cisco packet tracer labDrew7Williams
 
Student packet tracer manual v1.1
Student packet tracer manual v1.1Student packet tracer manual v1.1
Student packet tracer manual v1.1milkux
 
Packet Tracer Tutorial # 1
Packet Tracer Tutorial # 1Packet Tracer Tutorial # 1
Packet Tracer Tutorial # 1Abdul Basit
 
designandimplementanetwork
designandimplementanetworkdesignandimplementanetwork
designandimplementanetworkAdi Fang
 
Free CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdfFree CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdfNetworkershome
 

Was ist angesagt? (20)

2.3.1.5 packet tracer configuring rapid pvst+ answer
2.3.1.5 packet tracer configuring rapid pvst+ answer2.3.1.5 packet tracer configuring rapid pvst+ answer
2.3.1.5 packet tracer configuring rapid pvst+ answer
 
Packet tracer practical guide
Packet tracer practical guidePacket tracer practical guide
Packet tracer practical guide
 
Pt using packettracer
Pt using packettracerPt using packettracer
Pt using packettracer
 
Ccna 4 exam
Ccna 4 examCcna 4 exam
Ccna 4 exam
 
Wi fi hacking
Wi fi hackingWi fi hacking
Wi fi hacking
 
6.switching vla ns
6.switching vla ns6.switching vla ns
6.switching vla ns
 
Frame relay design
Frame relay designFrame relay design
Frame relay design
 
Sniffing in a Switched Network
Sniffing in a Switched NetworkSniffing in a Switched Network
Sniffing in a Switched Network
 
Networking
NetworkingNetworking
Networking
 
Cisco packet tracer router
Cisco packet tracer routerCisco packet tracer router
Cisco packet tracer router
 
Free CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdfFree CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdf
 
Send me your echolocation
Send me your echolocationSend me your echolocation
Send me your echolocation
 
M3 – cisco packet tracer lab
M3 – cisco packet tracer labM3 – cisco packet tracer lab
M3 – cisco packet tracer lab
 
Student packet tracer manual v1.1
Student packet tracer manual v1.1Student packet tracer manual v1.1
Student packet tracer manual v1.1
 
Packet Tracer Tutorial # 1
Packet Tracer Tutorial # 1Packet Tracer Tutorial # 1
Packet Tracer Tutorial # 1
 
Ccna 7 exam
Ccna 7 examCcna 7 exam
Ccna 7 exam
 
CCNP Troubleshooting
CCNP TroubleshootingCCNP Troubleshooting
CCNP Troubleshooting
 
designandimplementanetwork
designandimplementanetworkdesignandimplementanetwork
designandimplementanetwork
 
Free CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdfFree CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdf
 
CCNP Routing
CCNP Routing CCNP Routing
CCNP Routing
 

Andere mochten auch

20 Common Ports and their Purposes
20 Common Ports and their Purposes20 Common Ports and their Purposes
20 Common Ports and their Purposesahmadsamer10
 
20 Common Ports and their purposes
20 Common Ports and their purposes 20 Common Ports and their purposes
20 Common Ports and their purposes MaryamAlGhaith
 
Controlled Access Protocols
Controlled Access ProtocolsControlled Access Protocols
Controlled Access ProtocolsPruthviraj Konu
 
Intro to Bits, Bytes, and Storage
Intro to Bits, Bytes, and StorageIntro to Bits, Bytes, and Storage
Intro to Bits, Bytes, and StorageJohn Goldsworthy
 
Networking Devices and Networking Topologies
Networking Devices and Networking TopologiesNetworking Devices and Networking Topologies
Networking Devices and Networking Topologiesmc aa
 
Carrier Sense Multiple Access (CSMA)
Carrier Sense Multiple Access (CSMA)Carrier Sense Multiple Access (CSMA)
Carrier Sense Multiple Access (CSMA)Mohammed Abuibaid
 
6 network devices
6 network devices6 network devices
6 network devicesMuuluu
 
difference between hub, bridge, switch and router
difference between hub, bridge, switch and routerdifference between hub, bridge, switch and router
difference between hub, bridge, switch and routerAkmal Cikmat
 
Network Hardware And Software
Network Hardware And SoftwareNetwork Hardware And Software
Network Hardware And SoftwareSteven Cahill
 

Andere mochten auch (13)

Networking devices
Networking devices Networking devices
Networking devices
 
20 Common Ports and their Purposes
20 Common Ports and their Purposes20 Common Ports and their Purposes
20 Common Ports and their Purposes
 
20 Common Ports and their purposes
20 Common Ports and their purposes 20 Common Ports and their purposes
20 Common Ports and their purposes
 
Controlled Access Protocols
Controlled Access ProtocolsControlled Access Protocols
Controlled Access Protocols
 
Intro to Bits, Bytes, and Storage
Intro to Bits, Bytes, and StorageIntro to Bits, Bytes, and Storage
Intro to Bits, Bytes, and Storage
 
Networking Devices and Networking Topologies
Networking Devices and Networking TopologiesNetworking Devices and Networking Topologies
Networking Devices and Networking Topologies
 
Carrier Sense Multiple Access (CSMA)
Carrier Sense Multiple Access (CSMA)Carrier Sense Multiple Access (CSMA)
Carrier Sense Multiple Access (CSMA)
 
6 network devices
6 network devices6 network devices
6 network devices
 
Csma
CsmaCsma
Csma
 
CSMA/CD
CSMA/CDCSMA/CD
CSMA/CD
 
difference between hub, bridge, switch and router
difference between hub, bridge, switch and routerdifference between hub, bridge, switch and router
difference between hub, bridge, switch and router
 
CSMA/CA
CSMA/CACSMA/CA
CSMA/CA
 
Network Hardware And Software
Network Hardware And SoftwareNetwork Hardware And Software
Network Hardware And Software
 

Ähnlich wie Frame - MAC Address Threats & Vulnerabilities

Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2samis
 
Cisco Switch Security
Cisco Switch SecurityCisco Switch Security
Cisco Switch Securitydkaya
 
Ccna 1 chapter 9 v4.0 answers 2011
Ccna 1 chapter 9 v4.0 answers 2011Ccna 1 chapter 9 v4.0 answers 2011
Ccna 1 chapter 9 v4.0 answers 2011Dân Chơi
 
2.Phys & Link
2.Phys & Link2.Phys & Link
2.Phys & Linkphanleson
 
Pentesting layer 2 protocols
Pentesting layer 2 protocolsPentesting layer 2 protocols
Pentesting layer 2 protocolsAbdessamad TEMMAR
 
Lan switching technologies
Lan switching technologiesLan switching technologies
Lan switching technologiesMohammedseleim
 
Data communication part2
Data communication part2Data communication part2
Data communication part2Melvin Cabatuan
 
802 11 2
802 11 2802 11 2
802 11 2rphelps
 
КЛМ_Урок 5
КЛМ_Урок 5КЛМ_Урок 5
КЛМ_Урок 5RaynaITSTEP
 
Training Day Slides
Training Day SlidesTraining Day Slides
Training Day Slidesadam_merritt
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacksdkaya
 
Ccna 3 chapter 2 v4.0 answers 2011
Ccna 3 chapter 2 v4.0 answers 2011Ccna 3 chapter 2 v4.0 answers 2011
Ccna 3 chapter 2 v4.0 answers 2011Dân Chơi
 
5G Transport Network Technology.pptx
5G Transport Network Technology.pptx5G Transport Network Technology.pptx
5G Transport Network Technology.pptxssuseraab93e
 

Ähnlich wie Frame - MAC Address Threats & Vulnerabilities (20)

Ch6
Ch6Ch6
Ch6
 
Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2
 
Cisco Switch Security
Cisco Switch SecurityCisco Switch Security
Cisco Switch Security
 
LAYER2_
LAYER2_LAYER2_
LAYER2_
 
Ccna 1 chapter 9 v4.0 answers 2011
Ccna 1 chapter 9 v4.0 answers 2011Ccna 1 chapter 9 v4.0 answers 2011
Ccna 1 chapter 9 v4.0 answers 2011
 
2.Phys & Link
2.Phys & Link2.Phys & Link
2.Phys & Link
 
Pentesting layer 2 protocols
Pentesting layer 2 protocolsPentesting layer 2 protocols
Pentesting layer 2 protocols
 
Lan switching technologies
Lan switching technologiesLan switching technologies
Lan switching technologies
 
Hacking L2 Switches
Hacking L2 SwitchesHacking L2 Switches
Hacking L2 Switches
 
Cap2 configuring switch
Cap2 configuring switchCap2 configuring switch
Cap2 configuring switch
 
Ethernet_Networks
Ethernet_NetworksEthernet_Networks
Ethernet_Networks
 
Data communication part2
Data communication part2Data communication part2
Data communication part2
 
802 11 2
802 11 2802 11 2
802 11 2
 
КЛМ_Урок 5
КЛМ_Урок 5КЛМ_Урок 5
КЛМ_Урок 5
 
Arp spoofing
Arp spoofingArp spoofing
Arp spoofing
 
Networking Technologies : Segmentation
Networking Technologies : Segmentation Networking Technologies : Segmentation
Networking Technologies : Segmentation
 
Training Day Slides
Training Day SlidesTraining Day Slides
Training Day Slides
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacks
 
Ccna 3 chapter 2 v4.0 answers 2011
Ccna 3 chapter 2 v4.0 answers 2011Ccna 3 chapter 2 v4.0 answers 2011
Ccna 3 chapter 2 v4.0 answers 2011
 
5G Transport Network Technology.pptx
5G Transport Network Technology.pptx5G Transport Network Technology.pptx
5G Transport Network Technology.pptx
 

Mehr von Marc-Andre Heroux

Enterprise Security Critical Security Functions version 1.0
Enterprise Security Critical Security Functions version 1.0Enterprise Security Critical Security Functions version 1.0
Enterprise Security Critical Security Functions version 1.0Marc-Andre Heroux
 
Monitoring your organization against threats - Critical System Control
Monitoring your organization against threats - Critical System ControlMonitoring your organization against threats - Critical System Control
Monitoring your organization against threats - Critical System ControlMarc-Andre Heroux
 
Modèle de sécurité organisationnelle
Modèle de sécurité organisationnelleModèle de sécurité organisationnelle
Modèle de sécurité organisationnelleMarc-Andre Heroux
 
Méthodologie - adoption d'une norme en 7 étapes
Méthodologie - adoption d'une norme en 7 étapesMéthodologie - adoption d'une norme en 7 étapes
Méthodologie - adoption d'une norme en 7 étapesMarc-Andre Heroux
 
BUSINESS MATURITY LIFE CYCLE
BUSINESS MATURITY LIFE CYCLEBUSINESS MATURITY LIFE CYCLE
BUSINESS MATURITY LIFE CYCLEMarc-Andre Heroux
 
Assurance compliance management system
Assurance compliance management systemAssurance compliance management system
Assurance compliance management systemMarc-Andre Heroux
 

Mehr von Marc-Andre Heroux (9)

Linux encrypted container
Linux encrypted containerLinux encrypted container
Linux encrypted container
 
IT Control Framework
IT Control FrameworkIT Control Framework
IT Control Framework
 
Enterprise Security Critical Security Functions version 1.0
Enterprise Security Critical Security Functions version 1.0Enterprise Security Critical Security Functions version 1.0
Enterprise Security Critical Security Functions version 1.0
 
Online Authentication
Online AuthenticationOnline Authentication
Online Authentication
 
Monitoring your organization against threats - Critical System Control
Monitoring your organization against threats - Critical System ControlMonitoring your organization against threats - Critical System Control
Monitoring your organization against threats - Critical System Control
 
Modèle de sécurité organisationnelle
Modèle de sécurité organisationnelleModèle de sécurité organisationnelle
Modèle de sécurité organisationnelle
 
Méthodologie - adoption d'une norme en 7 étapes
Méthodologie - adoption d'une norme en 7 étapesMéthodologie - adoption d'une norme en 7 étapes
Méthodologie - adoption d'une norme en 7 étapes
 
BUSINESS MATURITY LIFE CYCLE
BUSINESS MATURITY LIFE CYCLEBUSINESS MATURITY LIFE CYCLE
BUSINESS MATURITY LIFE CYCLE
 
Assurance compliance management system
Assurance compliance management systemAssurance compliance management system
Assurance compliance management system
 

Kürzlich hochgeladen

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 

Kürzlich hochgeladen (20)

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 

Frame - MAC Address Threats & Vulnerabilities

  • 1. FRAME - MAC ADDRESS THREATS & VULNERABILITIES ETHERNET FRAMES - MAC SUBLAYER - 802.3 By Marc-Andre Heroux CGEIT, CISA, CRMA, CRMP, ABCP, CISSP, NSA-IAM, NSA-IEM V. 1.0 Security & Compliance Advisor
  • 2. EXAMPLE OF THE USE OF MAC ADDRESS AT THE LAYER 2 FRAME  In this demonstration, we have the machine2.mydomain.net (IP: 10.0.0.2) sending to machine3.mydomain.net (IP: 10.0.1.2).  Router/firewall uses datagrams at layer 3 with two components: a header and a payload. Ethernet works at layer 2 with frames (data link layer) and Address Resolution Protocol (ARP) is used (e.g.: MAC address resolution). All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0 10.0.0.2 What is MAC address of 10.0.1.2? 10.0.1.2 Initial transmission request Frame sent to all ports Broadcasting
  • 3. EXAMPLE OF THE USE OF MAC ADDRESS AT THE LAYER 2 FRAME MAC ADDRESS DESCRIPTION All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0
  • 4. HOW FRAMES ARE SENT? MAN-IN-THE-MIDDLE ATTACK  If the switch ARP cache table does not contain any entry for 10.0.1.2, the frame is sent to all ports. If any IP address corresponds to 10.0.1.2, the ARP reply will contain the destination MAC. If not found at the switch level, the frame will sent to all ports. If a switch or a router is connected, they will receive the ARP request. 10.0.0.2 What is MAC address of 10.0.1.2? Potential Man-In-THE-MIDDLE Attack on MAC HEADER IN the data payload section. All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0 10.0.1.2 Uses it’s own source MAC when sending request Initial transmission request Frame sent to all ports Broadcasting MAC not found
  • 5. EXAMPLE OF THE USE OF MAC ADDRESS AT THE LAYER 2 FRAME  The router will then respond with it's MAC and the switch will update it’s table, a new MAC header will usually be created and frames will be sent to router and the discovery/transmission will continue to the next hop. In our example, we have many organizational routable subnets divided by routers and connected to various switches. 10.0.0.2 What is MAC address of 10.0.1.2? MAC not found Potential Man-In-THE-MIDDLE Attack on MAC HEADER IN the data payload section. All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0 10.0.1.2 Uses is own source MAC when sending request Initial transmission request Frame sent to all ports Broadcasting
  • 6. CONCLUSION  Prevent threat agent to connect to your local network and avoid many incidents against Ethernet frame;  Detect and stop abnormal activities;  Most networks are running IPV4 and uses ARP. The same principles exist for IPV6 and Neighbor Discovery Protocol (NDP). Monitoring Logging Detection Correlation Alerting Correction All Right Reserved Marc-Andre Heroux, ARP Threats, version 1.0