Layer 2 Security: Attack Techniques and Software Tools (Part 1)
Università di Ferrara (University of Ferrara), Master's Degree in Computer and Automation Engineering. Ing. Raffaele Rugin. Academic Year
Link Layer Security
Objective: understanding a collision domain. Topics: the Layer 2 protocol; shared access to the same medium; Layer 2 addressing; Layer 2 general security issues; wired L2 security issues (802.3); wireless L2 security issues (802.11).
Link Layer: Introduction
Some terminology: hosts and routers are nodes; the communication channels that connect adjacent nodes along a communication path are links (wired links, wireless links, LANs). A layer-2 packet is a frame, which encapsulates a datagram. The data-link layer has the responsibility of transferring a datagram from one node to an adjacent node over a link.
Link layer: context (transportation analogy)
Trip from Ferrara to Taormina: taxi from Ferrara to BLQ, plane from BLQ to Catania, train from Catania to Taormina. Tourist = datagram; transport segment = communication link; transportation mode = link-layer protocol; travel agent = routing algorithm. A datagram is transferred by different link protocols over different links: e.g., Ethernet on the first link, frame relay on intermediate links, and yet another protocol on the last link. Each link protocol provides different services; e.g., it may or may not provide rdt (reliable data transfer) over the link.
Link Layer Services
Framing and link access: encapsulate the datagram into a frame, adding a header and a trailer; channel access if the medium is shared; "MAC" addresses are used in frame headers to identify source and destination (different from IP addresses!). Reliable delivery between adjacent nodes: seldom used on low bit-error links (fiber, some twisted pair); wireless links have high error rates. Q: why both link-level and end-to-end reliability?
Where is the link layer implemented?
In each and every host. The link layer is implemented in an "adaptor" (aka network interface card, NIC): an Ethernet card, a PCMCIA card. The card implements the link and physical layers, attaches into the host's system buses, and is a combination of hardware, software and firmware. (Figure: host schematic with the application, transport, network and link layers; CPU, memory and host bus, e.g. PCI; the network adapter card with its controller implementing the link and physical layers, and the physical transmission medium.)
Adaptors Communicating
(Figure: sending host, datagram, controller; frame on the link; controller, datagram, receiving host.) Sending side: encapsulates the datagram in a frame; adds error-checking bits, rdt, flow control, etc. Receiving side: looks for errors, rdt, flow control, etc.; extracts the datagram and passes it to the upper layer.
Link Types
Two fundamental types. Point-to-point (physical or virtual): PPP, PPPoA, PPPoE. Broadcast (shared medium: space, wires, also virtual): Ethernet, wireless LAN, 802.1Q (Virtual LANs). Broadcast links are evidently a challenge for confidentiality and integrity.
Ethernet Frame Structure
Addresses: 6 bytes. NICs process incoming frames only if the destination MAC corresponds to the NIC's own MAC or to the broadcast address (ff:ff:ff:ff:ff:ff); otherwise the NIC should discard the frame. Type: code of the transported layer 3 protocol (e.g. IP, IPv6; others were and are possible). CRC: checked by the receiver; the frame should be discarded if the CRC does not match. It is not cryptographic and can be counterfeited.
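The receive rules on this slide, as an added example that is not part of the original slides: a small Ethernet II frame builder and a receiver that applies the address filter and the FCS (CRC-32) check in the order a NIC would. The MAC addresses and payloads are constructed sample values, and the final case shows why a valid CRC says nothing about who really sent the frame.

```python
import struct
import zlib

# Added example (not from the slides): Ethernet II framing and the NIC's
# acceptance rules. MAC addresses and payloads are constructed sample values.
BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def fcs(body: bytes) -> bytes:
    # The Ethernet FCS is CRC-32 over dst+src+type+payload, sent least significant byte first.
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Assemble dst(6) | src(6) | type(2) | payload | FCS(4)."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def receive(frame: bytes, my_mac: bytes) -> dict:
    """Mimic what a NIC does: address filter, then FCS check, then hand the payload up."""
    if len(frame) < 18:  # 14-byte header + 4-byte FCS
        return {"accepted": False, "reason": "runt frame"}
    dst, src = frame[:6], frame[6:12]
    if dst != my_mac and dst != BROADCAST:
        return {"accepted": False, "reason": "not addressed to this NIC"}
    body, trailer = frame[:-4], frame[-4:]
    if trailer != fcs(body):
        return {"accepted": False, "reason": "FCS mismatch"}
    ethertype = struct.unpack("!H", frame[12:14])[0]
    return {"accepted": True, "src": mac_str(src), "dst": mac_str(dst),
            "type": ETHERTYPES.get(ethertype, f"0x{ethertype:04x}"), "payload": frame[14:-4]}


def demo() -> dict:
    """Constructed frames exercising each rule, including the limits of the FCS."""
    me = bytes.fromhex("0cc4116fe398")       # receiving NIC (constructed)
    peer = bytes.fromhex("7165f72b0853")     # legitimate sender (constructed)
    other = bytes.fromhex("5823d7fa20b0")    # some third station (constructed)
    good = build_frame(me, peer, 0x0806, b"arp-payload")
    corrupted = bytearray(good)
    corrupted[20] ^= 0xFF                    # one flipped payload byte: FCS no longer matches
    not_for_me = build_frame(other, peer, 0x0800, b"ip-payload")
    # The FCS is recomputed by whoever builds the frame, so a frame carrying
    # another station's source MAC still passes the check: the CRC detects
    # transmission errors, it does not authenticate the sender.
    spoofed_src = build_frame(me, other, 0x0806, b"forged-arp")
    return {
        "good": receive(good, me)["accepted"],
        "corrupted": receive(bytes(corrupted), me)["reason"],
        "not_for_me": receive(not_for_me, me)["reason"],
        "spoofed_src_accepted": receive(spoofed_src, me)["accepted"],
        "broadcast_accepted": receive(build_frame(BROADCAST, peer, 0x0806, b"who-has"), me)["accepted"],
    }


if __name__ == "__main__":
    print(demo())
```

The `spoofed_src_accepted` result is the point the slide makes with "not cryptographic": integrity of frames on a broadcast link has to come from a higher layer (IPsec, TLS, SSH), never from the CRC.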
MAC Addresses
IP address: valid among layer 3 nodes. MAC address: works only within the current link; does not need configuration; hardwired within NICs; cannot be used for authenticating stations; cannot be used for managing Layer 2 ACLs.
ARP: Address Resolution Protocol
Needed when a host must be reached at layer 2: a conversion IP -> MAC is needed. Each station handles an ARP table. ARP table: IP/MAC address triples <IP address; MAC address; TTL>, where TTL is the Time To Live of the entry. (Figure: a LAN with four stations; MAC addresses 71-65-F7-2B-08-53, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and one only partially extracted, 1A-2F-BB AD.)
Routing between two LANs
A needs to contact B via R. Assume A knows B's IP address. R has two ARP tables, one per collision domain. In the routing table at the source host, find the router; in the ARP table at the source, find its MAC address. (Figure: A, R, B with the MAC addresses of their interfaces, only partially extracted.)
A originates datagram D, A -> B
Is B in the same LAN? No: routing is needed via R, so R's MAC address is needed. ARP is the recipe! D is embedded in a frame F. Note that F goes from MAC A -> MAC R, but D refers to IP A -> IP B. R receives F, extracts D, sees B's IP, and understands that B is within LAN2. R uses ARP to obtain the MAC address of B. R creates a frame F2 and sends it to B. F2 contains D (unchanged), but at layer 2 the conversation is between R and B. (Speaker notes: the datagram appears, and the datagram must show the sender and destination addresses; the ARP frame appears, destined to everybody, showing the sender MAC address and the destination ff-ff-ff-ff-ff-ff; then A, R, B.)
ARP Poisoning in LAN
(Figure only.)
ARP Poisoning in LAN (continued)
(Figure only.)
Half MITM
(Figure only.)
Countermeasures
ARP watching; static ARP tables; ARP jamming. VPN technologies: IPsec, tunnels, SSH; SSL/TLS (but it works only on a per-application basis).
Hubs
A hub repeats frames on every port (except the incoming one). (Figure: copper-cable hub; a dot leaving one port and going to all the others.)
Typical Switch workflow
When a new frame F enters some interface:
  look up the destination MAC in the switch table
  if the destination MAC is in the switch table then
    if the destination MAC's interface = the source MAC's interface then
      ignore this frame
    else
      send F over the destination MAC's interface ONLY
  else
    broadcast F on all ports (except the incoming one)
Example: C sends frame F to D
(Figure: a switch with interfaces 1, 2 and 3, each connected to a hub; stations A, B, C, D, E, F, G, H, I; a switch table of address/interface pairs.) The switch receives F from C. C is discovered to operate from interface 1; this is recorded. It is not known where D operates from, so F is sent to interfaces 2 and 3. D receives F.
Switch example: when D answers C
(Figure: the same switch and hubs.) D answers with F2. D is discovered to be operating from interface 2; this is recorded. C is known to work on interface 1, so only this interface receives F2.
Port Stealing: example
C sends a frame to R. G is an intruder. (Figure: the same switch and hubs, with stations A, B, C, G, H, I and the router R.) G sends frames using R's MAC as the source. This forces a wrong update of the switch table. G can then capture frames addressed to R, and can record, filter and alter them. Then, to avoid disrupting the communication, it sends frames to the real R, stimulating a re-update of the switch table.
MAC Spoofing / Flooding
Flooding. Idea: the switch table needs memory. This memory can be saturated by producing a huge number of frames with random source MACs. When this happens, a switch starts behaving like a hub. Countermeasure: port locking.
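The switch behaviour of the last five slides (the learning workflow, the C/D example, port stealing and MAC flooding), as one added example that is not part of the original slides: a toy learning switch with a bounded table, the "port locking" countermeasure, and a log of MAC-to-port moves of the kind a monitoring system would alert on. Port numbers, MAC addresses and the table size are constructed values.

```python
from collections import OrderedDict, defaultdict

# Added example (not from the slides): a model of the learning switch, extended
# with a bounded table (so flooding can saturate it), per-port MAC locking and
# an event log. Ports, MACs and sizes are constructed values.
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    def __init__(self, ports, table_size=8, max_macs_per_port=None):
        self.ports = list(ports)
        self.table_size = table_size          # table capacity (constructed, deliberately tiny)
        self.table = OrderedDict()            # MAC -> port, oldest entry first
        self.max_macs = max_macs_per_port     # port locking: None means disabled
        self.allowed = defaultdict(set)       # port -> MACs learned under port locking
        self.disabled = set()                 # ports shut down after a violation
        self.events = []                      # what a monitoring system would see

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of ports it is forwarded to."""
        if in_port in self.disabled:
            return []
        if self.max_macs is not None:
            known = self.allowed[in_port]
            if src not in known and len(known) >= self.max_macs:
                self.disabled.add(in_port)
                self.events.append(f"port {in_port}: locked, unexpected source {src}, port disabled")
                return []
            known.add(src)
        # Learning: record (or refresh) where src was seen; note if it moved.
        old = self.table.get(src)
        if old is not None and old != in_port:
            self.events.append(f"{src} moved from port {old} to port {in_port}")
        if src in self.table:
            self.table.move_to_end(src)
        elif len(self.table) >= self.table_size:
            self.table.popitem(last=False)    # full table: evict the oldest entry
        self.table[src] = in_port
        # Forwarding, exactly as in the workflow slide.
        out = self.table.get(dst)
        if dst == BROADCAST or out is None:
            return [p for p in self.ports if p != in_port]
        if out == in_port:
            return []
        return [out]


C, D, R, G = "00:00:00:00:00:0c", "00:00:00:00:00:0d", "00:00:00:00:00:1e", "00:00:00:00:00:6e"


def learning_example():
    """C on port 1 sends to the still-unknown D; D on port 2 answers."""
    sw = Switch(ports=[1, 2, 3])
    first = sw.receive(1, C, D)     # D unknown: flooded to ports 2 and 3
    second = sw.receive(2, D, C)    # C known: only port 1
    return first, second, dict(sw.table)


def flooding_example(locked=False):
    """Random source MACs from port 3 evict D's entry; frames for D are then flooded like on a hub."""
    sw = Switch(ports=[1, 2, 3], table_size=8, max_macs_per_port=1 if locked else None)
    sw.receive(1, C, D)
    sw.receive(2, D, C)
    for i in range(20):                                  # random-looking source MACs
        sw.receive(3, f"02:00:00:00:{i // 256:02x}:{i % 256:02x}", BROADCAST)
    return sw.receive(1, C, D), len(sw.table), sorted(sw.disabled)


def port_stealing_example(locked=False):
    """G on port 3 sends a frame with R's MAC as source; frames for R then follow the table."""
    sw = Switch(ports=[1, 2, 3], max_macs_per_port=1 if locked else None)
    sw.receive(2, R, C)             # R legitimately on port 2
    sw.receive(3, G, R)             # G's own traffic on port 3
    sw.receive(3, R, G)             # forged frame: source MAC is R's
    return sw.receive(1, C, R), sw.events


if __name__ == "__main__":
    print(learning_example())
    print(flooding_example(), flooding_example(locked=True))
    print(port_stealing_example(), port_stealing_example(locked=True))
```

With locking off, the flooded table forwards C's frame for D to every port and C's frame for R to the intruder's port; with one MAC allowed per port, port 3 is disabled at the first foreign source address and the table keeps its correct bindings. The "moved from port" events are what a real switch exports as MAC-move notifications, and they are the signal to watch for port stealing.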
Broadcast attacks
Example: fake the victim's IP. Generate broadcast traffic using the fake IP; the answers flood the victim. Depending on the type of attack, particular conditions are required. (Figure: attacker with a fake IP; the subnet hosts act as passive attackers; the victim's IP.)
The scenario
(Figure: Server, Attacker, Client.)
MITM attack scenarios (TOC)
Different attacks in different scenarios.
LOCAL AREA NETWORK: ARP poisoning; DNS spoofing; STP mangling; port stealing.
FROM LOCAL TO REMOTE (through a gateway): ARP poisoning; DNS spoofing; DHCP spoofing; ICMP redirection; IRDP spoofing; route mangling.
REMOTE: DNS poisoning; traffic tunneling; route mangling.
MITM attack techniques: the local scenario
Local attacks (1): ARP poisoning
ARP is stateless (we all know how it works and what the problems are). Some operating systems do not update an entry if it is not already in the cache; others accept only the first received reply (e.g. Solaris). The attacker can forge spoofed ICMP packets to force the host to make an ARP request; immediately after the ICMP it sends the fake ARP reply.
The scenario
(Figure: Server, Attacker, Client; forged gratuitous ARP.)
Local attacks (1): ARP poisoning - tools
ettercap: poisoning, sniffing, hijacking, filtering, SSH v.1 sniffing (transparent attack). dsniff: SSH v.1 sniffing (proxy attack).
Local attacks (1): ARP poisoning - countermeasures
YES - passive monitoring (arpwatch)
YES - active monitoring (ettercap)
YES - Intrusion Detection System (detects but does not prevent)
YES - static ARP entries (prevent it)
YES - Secure-ARP (public key authentication)
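The "passive monitoring (arpwatch)" countermeasure, together with the ARP table with TTL from the earlier ARP slide, as an added example that is neither the slides' code nor arpwatch's own: it parses raw ARP packets, keeps an IP -> MAC table with a time-to-live, and raises an alert when a binding changes while still fresh or when a reply arrives that no request asked for (which is what a forged or gratuitous reply looks like on the wire). Addresses, capture times and the 5-second request/reply window are constructed values.

```python
import ipaddress
import struct

# Added example (not from the slides, not arpwatch's code): a passive ARP
# monitor. It records IP -> MAC bindings with a TTL and flags changes and
# unsolicited replies. Addresses and timings are constructed sample values.
ARP_REQUEST, ARP_REPLY = 1, 2
ARP_FMT = "!HHBBH6s4s6s4s"      # htype, ptype, hlen, plen, op, sha, spa, tha, tpa (28 bytes)


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(op, sha, spa, tha, tpa):
    """Encode an Ethernet/IPv4 ARP packet (used here to construct sample traffic)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, mac_bytes(sha),
                       ipaddress.IPv4Address(spa).packed, mac_bytes(tha),
                       ipaddress.IPv4Address(tpa).packed)


def parse_arp(pkt):
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op, "sha": mac_str(sha), "spa": str(ipaddress.IPv4Address(spa)),
            "tha": mac_str(tha), "tpa": str(ipaddress.IPv4Address(tpa))}


class ArpWatcher:
    def __init__(self, ttl=600, reply_window=5):
        self.ttl = ttl                  # how long a learned binding counts as fresh
        self.reply_window = reply_window  # constructed: seconds a reply may follow its request
        self.table = {}                 # ip -> (mac, last_seen)
        self.pending = {}               # ip being resolved -> time of the request

    def _learn(self, ip, mac, now, alerts):
        entry = self.table.get(ip)
        if entry and entry[0] != mac and now - entry[1] < self.ttl:
            alerts.append(f"{ip}: MAC changed from {entry[0]} to {mac}")
        self.table[ip] = (mac, now)

    def observe(self, pkt, now):
        """Feed one ARP packet with its capture time; return the alerts it triggered."""
        a = parse_arp(pkt)
        alerts = []
        if a["op"] == ARP_REQUEST:
            self.pending[a["tpa"]] = now            # someone is waiting for tpa's MAC
            self._learn(a["spa"], a["sha"], now, alerts)
        elif a["op"] == ARP_REPLY:
            asked = self.pending.pop(a["spa"], None)
            if asked is None or now - asked > self.reply_window:
                alerts.append(f"{a['spa']}: unsolicited reply from {a['sha']}")
            if a["spa"] == a["tpa"]:
                alerts.append(f"{a['spa']}: gratuitous ARP from {a['sha']}")
            self._learn(a["spa"], a["sha"], now, alerts)
        return alerts


# Constructed addresses (documentation range, locally administered MACs).
GATEWAY_IP, GATEWAY_MAC = "192.0.2.1", "02:aa:aa:aa:aa:01"
CLIENT_IP, CLIENT_MAC = "192.0.2.20", "02:bb:bb:bb:bb:20"
ATTACKER_MAC = "02:cc:cc:cc:cc:66"


def poisoning_example():
    """A normal request/reply pair, then a forged reply that rebinds the gateway IP."""
    w = ArpWatcher()
    log = []
    log += w.observe(build_arp(ARP_REQUEST, CLIENT_MAC, CLIENT_IP, "00:00:00:00:00:00", GATEWAY_IP), now=0)
    log += w.observe(build_arp(ARP_REPLY, GATEWAY_MAC, GATEWAY_IP, CLIENT_MAC, CLIENT_IP), now=1)
    log += w.observe(build_arp(ARP_REPLY, ATTACKER_MAC, GATEWAY_IP, CLIENT_MAC, CLIENT_IP), now=30)
    return log, w.table[GATEWAY_IP][0]


if __name__ == "__main__":
    for line in poisoning_example()[0]:
        print(line)
```

Like arpwatch, the monitor records what it sees rather than blocking it, so after the forged reply the table holds the attacker's MAC and the two alerts are the only defence it offers; a watcher started after a request was sent will also report the legitimate reply as unsolicited, which is why such alerts are usually correlated with the "MAC changed" event before anyone acts on them.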
Local attacks (2): DNS spoofing
If the attacker is able to sniff the ID of the DNS request, he/she can reply before the real DNS server. (Figure: MITM, host, serverX.localdomain.in, DNS server.)
Local attacks (2): DNS spoofing - tools
ettercap: Phantom plugin. dsniff: dnsspoof. zodiac.
Local attacks (2): DNS spoofing - countermeasures
YES - detect multiple replies (IDS)
YES - use the hosts file for static resolution of critical hosts
YES - DNSSEC
Local attacks (3): STP mangling
It is not a real MITM attack, since the attacker is able to receive only "unmanaged" traffic. The attacker can forge BPDUs with high priority, pretending to be the new root of the spanning tree.
Local attacks (3): STP mangling - tools
ettercap, with the Lamia plugin.
Local attacks (3): STP mangling - countermeasures
YES - disable STP on VLANs without loops
YES - Root Guard, BPDU Guard
Local attacks (4): Port stealing
The attacker floods the switch with forged gratuitous ARP packets whose source MAC address is that of the target host and whose destination MAC address is that of the attacker. Since the destination MAC address of each flooding packet is the attacker's own MAC address, the switch will not forward these packets to other ports, meaning they will not be seen by other hosts on the network. A race condition arises, because the target host will send packets too: the switch will see packets with the same source MAC address on two different ports and will constantly change the binding of the MAC address to the port. Remember that the switch binds a MAC address to a single port. If the attacker is fast enough, packets intended for the target host will be sent to the attacker's switch port and not to the target host.
Local attacks (4): Port stealing (continued)
When a packet arrives, the attacker performs an ARP request asking for the target host's IP address. Next, the attacker stops the flooding and waits for the ARP reply. When the attacker receives the reply, it means that the target host's switch port has been restored to its original binding. The attacker now sniffs the packet, forwards it to the target host and restarts the attack, ad nauseam...
Local attacks (4): Port stealing - how to
(Figure: a Layer 2 switch with ports 1, 2, 3; stations A and B and the attacker; forged gratuitous ARP.)
Local attacks (4): Port stealing - tools
ettercap, with the Confusion plugin.
Local attacks (4): Port stealing - countermeasures
YES - port security on the switch
Attack techniques: from local to remote
Local to remote attacks (1): DHCP spoofing
DHCP requests are made in broadcast mode. If the attacker replies before the real DHCP server, it can manipulate: the IP address of the victim; the gateway address assigned to the victim; the DNS address.
Notes on STP and BPDU (speaker notes): STP, abbreviated from Spanning Tree Protocol, is a link management protocol that is part of the IEEE standard for media access control bridges. Using the spanning tree algorithm, STP provides path redundancy while preventing undesirable loops in a network that are created by multiple active paths between stations. Loops occur when there are alternate routes between hosts. To establish path redundancy, STP creates a tree that spans all of the switches in an extended network, forcing redundant paths into a standby, or blocked, state. STP allows only one active path at a time between any two network devices (this prevents the loops) but establishes the redundant links as a backup if the initial link should fail. If STP costs change, or if one network segment in the STP becomes unreachable, the spanning tree algorithm reconfigures the spanning tree topology and reestablishes the link by activating the standby path. Without spanning tree in place, it is possible that both connections may be simultaneously live, which could result in an endless loop of traffic on the LAN.
BPDU is the acronym for bridge protocol data unit. BPDUs are data messages that are exchanged across the switches within an extended LAN that uses a spanning tree protocol topology. BPDU packets contain information on ports, addresses, priorities and costs and ensure that the data ends up where it was intended to go. BPDU messages are exchanged across bridges to detect loops in a network topology. The loops are then removed by shutting down selected bridge interfaces and placing redundant switch ports in a backup, or blocked, state.
Local to remote attacks (1): DHCP spoofing - countermeasures
YES - detection of multiple DHCP replies
Local to remote attacks (2): ICMP redirect
The attacker can forge an ICMP redirect packet in order to redirect traffic to himself. (Figure: a LAN with host H, target T, attacker AT and gateway G1; ICMP redirect to AT.)
Local to remote attacks (2): ICMP redirect - tools
IRPAS icmp_redirect (Phenoelit); icmp_redir (Yuri Volobuev).
Local to remote attacks (2): ICMP redirect - countermeasures
YES - disable ICMP REDIRECT
NO - Linux has the "secure redirect" option, but it seems to be ineffective against this attack
Conclusions
The security of a connection relies on: proper configuration of the client (avoiding ICMP redirect, ARP poisoning, etc.); the infrastructure of the other endpoint (e.g. DNS dynamic update); the strength of third-party appliances to which we have no access (e.g. tunneling). The best way to ensure secure communication is the correct and conscious use of cryptographic systems on both the client and the server side: at the network layer (i.e. IPsec), at the transport layer (i.e. SSLv3), at the application layer (i.e. PGP).
Software Tools (part 1)
The arp command
arp -a: displays the system table containing the IP - MAC address associations recently collected by the operating system.
arp -d <ip address>: deletes from the ARP table the entry associated with the given IP address.
ARP protocol: RFC 1027
The arpspoof command
arpspoof -t victim gateway: tells host victim that the MAC address of the local machine (the MITM) is the one belonging to the gateway's IP.
(Run in a separate shell) arpspoof -t gateway victim: tells host gateway that the MAC address of the local machine (the MITM) is the one belonging to victim's IP.
The arpspoof command (continued)
To let traffic pass through the host on a Linux operating system it is necessary to run: echo 1 > /proc/sys/net/ipv4/ip_forward
It is possible to see the traffic crossing the attacking machine with: tcpdump -i eth0 host victim and not arp
dsniff -c -m -d
Introduction to Ettercap (1)
A complete tool for carrying out MITM attacks. Modular structure. Intercepts traffic. Alters traffic. A language for creating customized selective filtering. Password sniffer for very many protocols (TELNET, FTP, POP, IMAP, rlogin, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, Napster, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, Half-Life, Quake 3, MSN, YMSG). DNS tampering.
Introduction to Ettercap (2)
Unified and Bridged sniffing modes. The project is no longer under development at the moment.
Ettercap plugins (1)
arp_cop 1.1: report suspicious ARP activity
autoadd: automatically add new victims in the target range
chk_poison: check if the poisoning had success
dns_spoof: sends spoofed DNS replies
dos_attack: run a DoS attack against an IP address
dummy: a plugin template (for developers)
find_conn: search connections on a switched LAN
find_ettercap: try to find ettercap activity
find_ip: search an unused IP address in the subnet
finger: fingerprint a remote host
finger_submit: submit a fingerprint to ettercap's website
Ettercap plugins (2)
gre_relay: tunnel broker for redirected GRE tunnels
gw_discover: try to find the LAN gateway
isolate: isolate a host from the LAN
link_type: check the link type (hub/switch)
pptp_chapms: PPTP: forces chapms-v1 from chapms-v2
pptp_clear: PPTP: tries to force a cleartext tunnel
pptp_pap: PPTP: forces PAP authentication
pptp_reneg: PPTP: forces tunnel re-negotiation
rand_flood: flood the LAN with random MAC addresses
remote_browser: sends visited URLs to the browser
reply_arp: simple ARP responder
Ettercap plugins (3)
repoison_arp 1.0: repoison after broadcast ARP
scan_poisoner: actively search other poisoners
search_promisc: search promiscuous NICs in the LAN
smb_clear: tries to force SMB cleartext auth
smb_down: tries to force SMB to not use NTLM2 key auth
stp_mangler: become root of a switch's spanning tree
Ettercap usage example (1)
In Kali Linux a graphical interface is available. Example of ARP spoofing (or ARP poisoning). For the exercise, divide the PCs into two groups: one group will be the attacker, the other the attacked. Run: ettercap -G. Select the packet sniffing mode: Sniff -> Unified Sniffing. Perform a scan of the hosts present on the network: Hosts -> Scan for hosts.
Ettercap usage example (2)
Check the list of hosts present on the network and their MACs: Hosts -> Hosts list. Select the machines to attack from the list.
Ettercap usage example (3)
Select the address of a machine as "Target 1" (for example the network gateway). Select the address of the machine to attack and press the "Target 2" button. WARNING: if we select no machine, the whole subnet will have its ARP tables poisoned! To be safe, check the selected targets: Targets -> Current Targets. Start the ARP poisoning MITM attack: Mitm -> Arp poisoning.
Ettercap usage example (4)
Start the sniffer to capture packets: Start -> Start Sniffing. Q: How does the ARP traffic change before and after the poisoning? Q: What changes in the ARP tables (commands arp -a, arp -d)? Q: Which ARP packets are exchanged on the network (tshark)? At the end of everything, remember to restore the correct ARP tables on the targets: Mitm -> Stop mitm attack(s).
Ettercap usage example (5)
Q: Now that we have found a way to route all the traffic through the attacking machine without anyone noticing, what can we do? Ettercap is already able by default to interpret many protocols and extract sensitive information (credentials). Q: Try to connect using the Telnet or FTP protocols and check what the Ettercap interface shows. Q: Why is the operation possible in such a simple way?
Next Time...
Next time we will see the use of filters and plugins to handle modifications to the intercepted data flow. We will also analyze a more recent, actively developed tool, without a graphical interface but capable of more refined attacks.
References
A current analysis of man in the middle (mitm) attacks - Sachin Deodhar - IIT Kanpur Hacker's Workshop 2004
Ettercap usage example
Filters with ettercap
Bettercap
Beef Example