Chapter 5: Overview of the Physical Network Layer

Physical network layer protocol

  • Classified according to the physical medium used for interconnection
    • Wired
    • Wireless
  • Core: network card
  • Physical network layer block diagram [composition diagram]
  • Composition overview
    • Hardware controller: the network card, etc., mainly used to interface with the physical medium (such as a network cable) and with the computer system
    • Software part: responsible for providing services to the upper layer and maintaining buffers; includes the device drivers that interface with the hardware

Common attack methods

  • Hardware address spoofing [generating a data packet whose source hardware address is not the address of the sending device but is the same as that of another illegal device in the network]
  • Network sniffing [capturing data packets regardless of their destination address]
  • Physical attack
    • Accidental
    • Intentional

Wired network protocol

  • Wired Ethernet Protocol (Carrier Sense Multiple Access/Collision Detection CSMA/CD)
    • The network controller listens on the medium to see whether other devices are transmitting [carrier]; if not, the listening device can send its data packets
    • When two or more devices are listening on the network at the same time, they keep listening and perform collision detection to prevent conflicts. If a collision occurs, they wait for an opportunity to send again.
    • Protocol implementation sketch
    • Ethernet improvements
      • Moved from coaxial cable to twisted pair and hubs, simplifying the circuitry
      • Network switches add intelligence to the device; computers can be connected directly to the network, which improves performance and reduces collisions
    • Vulnerabilities in the Ethernet protocol
      • By classification, they can be divided into those four categories

Wireless network protocol

  • Wireless Ethernet protocol
    • 802.11a
    • 802.11b
    • 802.11g
    • 802.11h
  • Wireless AP [Access Point]
    • Generates the wireless network and is responsible for network access
    • Provides access to the wired network
  • The main difference between wireless Ethernet and wired Ethernet
    • Wireless Ethernet cannot detect collisions
  • Carrier Sense Multiple Access/Collision Avoidance CSMA/CA [the protocol used for communication between the wireless device and the AP after they have successfully connected] [similar to CSMA/CD, except that collisions cannot be detected]
  • There are four types of attacks according to the classification method

Common countermeasures

  • Virtual Local Area Network (VLAN) [use a switch to divide devices into independent LAN systems]
    • Static VLAN [based on fixed port assignment]
    • Dynamic VLAN [based on device hardware address]
  • Network Access Control (NAC)
    • Decides whether a device should be allowed on the network by verifying the device [used to isolate infected or misconfigured devices]

Analysis of sample questions [for exam practice only; the answers may not be accurate]

  • Search the Internet for tools that can detect hardware address spoofing.

    IP-MAC SCANNER
    360 traffic firewall
    Jusheng Network Management
    XArp
    ARPkiller

  • What makes the WPA protocol more secure than the WEP protocol?

    As an upgraded version of WEP, the general-purpose encryption mechanism of IEEE 802.11, WPA provides more thorough security protection than WEP, mainly in identity authentication, the encryption mechanism, and packet inspection, and it also improves the management capabilities of wireless networks. Comparing the two, WEP uses a static key to encrypt all communications, whereas WPA continuously changes keys. WPA also adopts an effective key distribution mechanism and works across wireless network cards from different manufacturers.

  • Why are both WPA and WEP difficult to use in public wireless networks, and if they are implemented, can they provide a higher level of security?

    In a public wireless network environment, whether WPA or WEP is used, the hardest part is the key transmission problem. Once it is solved, security can be improved.

  • How can malicious access points be detected?

    You can regularly use a detection device to look for illegal access points around the building.
    You can also connect a network analyzer to the network and perform an advanced active search from the wired side to find all devices connected to the broadcast domain, then analyze whether any of them are illegal access devices.
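
One way to detect hardware address spoofing as defined under "Common attack methods": watch for a hardware address that shows up on two switch ports, or an IP address whose bound hardware address changes. This is an added example, not from the original page or from any of the tools listed above; the observation format, the function names and the sample data are constructed assumptions.

```python
# Constructed sample observations: (seconds, switch_port, source_mac, source_ip).
# Assumption: in practice these come from switch logs or a passive capture.
OBSERVATIONS = [
    (0,  "port1", "aa:aa:aa:00:00:01", "10.0.0.11"),
    (2,  "port2", "aa:aa:aa:00:00:02", "10.0.0.12"),
    (5,  "port3", "aa:aa:aa:00:00:03", "10.0.0.13"),
    (7,  "port3", "aa:aa:aa:00:00:01", "10.0.0.13"),  # port3 sends with port1's address
    (9,  "port1", "aa:aa:aa:00:00:01", "10.0.0.11"),  # the real owner keeps sending
    (12, "port2", "AA-AA-AA-00-00-02", "10.0.0.12"),  # same MAC, different notation
    (20, "port4", "aa:aa:aa:00:00:04", "10.0.0.12"),  # new MAC claims a bound IP
]


def normalize(mac):
    """Lower-case the address and unify separators so notations compare equal."""
    return mac.lower().replace("-", ":")


def detect_spoofing(observations, window=30):
    """Return alerts for a MAC seen on two ports, or an IP whose MAC changed,
    when both sightings fall within `window` seconds of each other."""
    last_port = {}  # mac -> (time, port) of the most recent sighting
    ip_owner = {}   # ip  -> (time, mac) of the most recent binding
    alerts = []
    for t, port, mac, ip in sorted(observations):
        mac = normalize(mac)
        seen = last_port.get(mac)
        if seen and seen[1] != port and t - seen[0] <= window:
            alerts.append(("mac_on_two_ports", mac, seen[1], port))
        last_port[mac] = (t, port)

        owner = ip_owner.get(ip)
        if owner and owner[1] != mac and t - owner[0] <= window:
            alerts.append(("ip_mac_changed", ip, owner[1], mac))
        ip_owner[ip] = (t, mac)
    return alerts


if __name__ == "__main__":
    for alert in detect_spoofing(OBSERVATIONS):
        print(alert)
```

An alert is a lead to investigate rather than proof: a device moved to another port or a reassigned IP address produces the same pattern.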


Origin blog.csdn.net/qq_41985293/article/details/107741990