Data link layer failures:
1. A MAC address conflict leads to inability to access the Internet.
2. The network card bandwidth negotiation between the switch and the computer is inconsistent,
so the link speeds do not match and traffic cannot pass.
3. ADSL arrears (an unpaid account) lead to loss of connectivity.
4. The computer is connected to the wrong VLAN.
Network layer failures:
1. The computer's IP address is set incorrectly.
2. The computer does not have a gateway configured.
3. The computer's subnet mask is misconfigured.
4. A router along the path has a routing table error.
Data link layer security:
1. A WiFi password is set; this security measure sits at the data link layer.
2. The company's internal switch can be set to control which MAC addresses are allowed access and
how many computers may connect.
3. ADSL dial-up Internet at home requires a login account and password.
4. The network is divided into different VLANs.
Network layer security:
1. On the router, set which computers can access the Internet and which cannot (set an ACL on the
router to control packet forwarding).
2. Network layer security can also be set on the computer itself, controlling who can access it.
Transport layer functions: reliable transmission, flow control, and congestion avoidance. If a
packet is lost, the transport layer retransmits it. Data in the transport layer's cache is not
discarded immediately; it is kept until the other party's acknowledgment is received and only then
thrown away.
Network layer function: do its best to choose the best path for a packet to reach its destination.
If a router cannot process a packet, the packet is thrown away. The network layer is not responsible
for data loss; packet loss is managed by the transport layer, which retransmits. So the network
layer is not responsible for reliable transmission, only for selecting the best path. The router
works at the network layer: the administrator adds a routing table to the router, which tells the
router the criteria for choosing the best route.
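The division of labour described above, as an added example that is not part of the original notes: a best-effort network that silently drops packets, and a stop-and-wait sender that keeps each segment buffered until its acknowledgment arrives. The class and function names and the loss pattern are assumptions constructed for illustration.

```python
class BestEffortNetwork:
    """Network layer stand-in: forwards a packet or silently discards it."""

    def __init__(self, drop_on_sends):
        self.drop_on_sends = set(drop_on_sends)  # constructed loss pattern
        self.sends = 0

    def send(self, packet):
        self.sends += 1
        if self.sends in self.drop_on_sends:
            return None  # discarded; the network layer never retries
        return packet


def transfer(segments, network, max_tries=5):
    """Stop-and-wait sender and receiver over a lossy network.

    Returns (data delivered to the receiver, [(seq, tries needed)]).
    """
    delivered, tries_log = [], []
    expected = 0  # receiver side: next sequence number it will accept
    for seq, data in enumerate(segments):
        buffered = (seq, data)  # sender keeps this copy until it is ACKed
        for attempt in range(1, max_tries + 1):
            arrived = network.send(buffered)
            ack = None
            if arrived is not None:
                if arrived[0] == expected:  # new data: hand it up exactly once
                    delivered.append(arrived[1])
                    expected += 1
                # A retransmitted duplicate is not delivered again, only re-ACKed.
                ack = network.send(("ACK", arrived[0]))
            if ack is not None:
                tries_log.append((seq, attempt))
                break  # acknowledgment received: the buffer can be released
        else:
            raise TimeoutError(f"segment {seq} was never acknowledged")
    return delivered, tries_log


if __name__ == "__main__":
    # Constructed scenario: the 1st send (data) and the 5th send (an ACK) are lost.
    net = BestEffortNetwork(drop_on_sends={1, 5})
    print(transfer(["a", "b", "c"], net))
```

A lost acknowledgment forces a retransmission just as a lost data packet does, which is why the receiver has to recognise and discard duplicates.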
The router needs to see the IP address in order to forward, so the router works at the network
layer. The router also needs to be connected to the computer's network card, and the two share a
common language, so the router also works at the data link layer. The physical layer of the network
card and the physical layer of the router work at the same layer. Router-to-router links use the
point-to-point protocol (PPP), which works at the data link layer. The switch understands the data
link layer protocol, so the switch works at the data link layer. The hub does not look at anything:
like a network cable, it has no intelligence. If there is an electrical signal, it spreads it to all
the ports, and if one channel is occupied, the other computers have to wait. Routers, hubs, and
switches can all receive physical signals, so all of them work at the physical layer.
2 DoS
What is a denial-of-service attack?
A denial-of-service (DoS) attack is a type of cyber attack in which a malicious actor aims to render a
computer or other device unavailable to its intended users by interrupting the device's normal
functioning. DoS attacks typically function by overwhelming or flooding a targeted machine with
requests until normal traffic is unable to be processed, resulting in denial-of-service to additional users.
A DoS attack is characterized by using a single computer to launch the attack.
A distributed denial-of-service (DDoS) attack is a type of DoS attack that comes from many distributed
sources, such as a botnet DDoS attack.
How does a DoS attack work?
The primary focus of a DoS attack is to oversaturate the capacity of a targeted machine, resulting in
denial-of-service to additional requests. The multiple attack vectors of DoS attacks can be grouped by
their similarities.
DoS attacks typically fall in 2 categories:
Buffer overflow attacks
An attack type in which a memory buffer overflow can cause a machine to consume all available hard
disk space, memory, or CPU time. This form of exploit often results in sluggish behavior, system
crashes, or other deleterious server behaviors, resulting in denial-of-service.
Flood attacks
By saturating a targeted server with an overwhelming amount of packets, a malicious actor is able to
oversaturate server capacity, resulting in denial-of-service. In order for most DoS flood attacks to be
successful, the malicious actor must have more available bandwidth than the target.
TCP 3-Way Handshake Process
The three-way handshake is how a TCP connection is established. Before getting into the details,
let us look at some basics. TCP stands for Transmission Control Protocol, which indicates that it
controls the transmission of data in a reliable way.
The process of communication between devices over the internet happens according to the current
TCP/IP suite model (a stripped-down version of the OSI reference model). The application layer is the
top of the TCP/IP stack, from where network applications such as web browsers on the client side
establish a connection with the server. From the application layer, the information is transferred
to the transport layer, where our topic comes into the picture. The two important protocols of this
layer are TCP and UDP (User Datagram Protocol), of which TCP is prevalent (since it provides
reliability for the connection established). However, you can find an application of UDP in
querying the DNS server to get the binary equivalent (the IP address) of the domain name used for the website.
How to help prevent DoS attacks
A general rule: The earlier you can identify an attack-in-progress, the quicker you can contain the
damage. Here are some things you can do.
Method 1: Get help recognizing attacks
Companies often use technology or anti-DDoS services to help defend themselves. These can help you
distinguish between legitimate spikes in network traffic and a DDoS attack.
Method 2: Contact your Internet Service Provider
If you find your company is under attack, you should notify your Internet Service Provider as soon as
possible to determine if your traffic can be rerouted. Having a backup ISP is a good idea, too. Also,
consider services that can disperse the massive DDoS traffic among a network of servers. That can
help render an attack ineffective.
Method 3: Investigate black hole routing
Internet service providers can use “black hole routing.” It directs excessive traffic into a null route,
sometimes referred to as a black hole. This can help prevent the targeted website or network from
crashing. The drawback is that both legitimate and illegitimate traffic is rerouted in the same way.
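The drawback of black hole routing, as an added example that is not part of the original notes: a router that picks the most specific matching route, before and after a null route is installed for a targeted host. The addresses come from the documentation ranges, and the topology, packet list and names are assumptions constructed for illustration.

```python
import ipaddress


class Router:
    """Longest-prefix-match forwarding table; next_hop None marks a null route."""

    def __init__(self):
        self.routes = []  # (network, next_hop)

    def add_route(self, prefix, next_hop):
        self.routes.append((ipaddress.ip_network(prefix), next_hop))

    def lookup(self, dst):
        addr = ipaddress.ip_address(dst)
        matches = [(net, hop) for net, hop in self.routes if addr in net]
        if not matches:
            return "drop:no-route"
        net, hop = max(matches, key=lambda m: m[0].prefixlen)  # most specific wins
        return "drop:blackhole" if hop is None else f"forward:{hop}"


def forward(router, packets):
    """Split (src, dst, kind) packets into delivered and dropped lists."""
    delivered, dropped = [], []
    for pkt in packets:
        verdict = router.lookup(pkt[1])
        (delivered if verdict.startswith("forward:") else dropped).append(pkt)
    return delivered, dropped


def build_router():
    # Constructed topology using documentation address ranges (RFC 5737).
    r = Router()
    r.add_route("0.0.0.0/0", "198.51.100.1")     # default route to upstream
    r.add_route("192.0.2.0/24", "198.51.100.2")  # customer network
    return r


# Constructed traffic; the "kind" label is ground truth the router cannot see.
PACKETS = [
    ("203.0.113.5", "192.0.2.10", "legitimate"),
    ("203.0.113.66", "192.0.2.10", "attack"),
    ("203.0.113.67", "192.0.2.10", "attack"),
    ("203.0.113.5", "192.0.2.20", "legitimate"),
]

if __name__ == "__main__":
    router = build_router()
    print(forward(router, PACKETS))
    router.add_route("192.0.2.10/32", None)  # null route for the targeted host
    print(forward(router, PACKETS))
```

The router matches on destination only, so the legitimate packet to 192.0.2.10 is dropped with the attack packets, while the neighbouring host 192.0.2.20 stays reachable.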
Method 4: Configure firewalls and routers
Firewalls and routers should be configured to reject bogus traffic. Remember to keep your routers
and firewalls updated with the latest security patches.
Method 5: Consider front-end hardware
Application front-end hardware that’s integrated into the network before traffic reaches a server can
help analyze and screen data packets. The hardware classifies the data as priority, regular, or
dangerous as it enters a system. It can also help block threatening data.