Introduction

In this chapter, we examine methods to attack and defend the Data Link layer, which provides the mechanisms by which data is transferred from node to node across a network. We start the chapter by performing a quick review of the functionality of Ethernet. Given the prevalence of Ethernet in network infrastructures today, knowledge of the Ethernet frame is essential to understanding the basis of modern networking. Additionally, several features of the Data Link layer are necessary for conducting more advanced tasks at higher levels, such as Man-in-the-Middle (MITM) attacks.

Next, we turn our attention to the Point-to-Point Protocol (PPP) and the Serial Line Internet Protocol (SLIP), both of which reside at the Data Link layer.The PPP provides a method for transmitting datagrams over serial point-to-point links.

This chapter also looks at protocol analyzers.These remarkable tools are used throughout the book to help you gain an understanding of protocol operation and attack patterns. Once you have mastered protocol analyzers, we move on to examine Address Resolution Protocol (ARP), which is used to resolve known Internet Protocol (IP) addresses to unknown Media Access Control (MAC) addresses. ARP is a frequently abused protocol and is a target of attackers that are seeking to overcome the functionality of a switch. ARP is used to introduce other types of attacks that may be seen at the Data Link layer, such as wired equivalent privacy (WEP). Don t worry about attacks; just as in other chapters, we will turn our discussion toward defenses and the...