A lot of attention is paid to securing the higher layers of the OSI reference model with network-level devices such as firewalls, intrusion protection systems (IPS), and applications such as antivirus and host-based intrusion protection (HIPS).
Layer 2 attacks occur, as you would expect, at Layer 2 of the OSI model. We know that switching operates at Layer 2; therefore, most of these attacks need to be mitigated in the switches you deploy in your network.
Layer 2 attacks are often overlooked when designing a network security solution; it is quite normal to find Layer 2 networks with no protection whatsoever. The availability of dedicated Layer 2 attack tools makes it necessary to defend against possible attack by implementing the features that Cisco offers within IOS Software.
One of the best tools used for testing Layer 2 security is Yersinia that is freely available from http://www.yersinia.net/ and is part of the BackTrack 4 security distribution.
Types of Layer 2 Attacks
This section covers several types of Layer 2 attacks. This section also explains how to mitigate these attacks by implementing the correct control in Cisco IOS.
Following are the main types of Layer 2 attacks:
- CAM overflow
- VLAN hopping
- MAC spoofing
- Private VLAN attacks
- DHCP attacks