Introduction to Layer 2 Attacks
Types of attacks

Like routers, both Layer 2 and Layer 3 switches have their own sets of network security requirements. Often, little consideration is given to the network security risks in switches and what can be done to mitigate those risks. Switches are susceptible to many of the same Layer 3 attacks as routers. Most of the network security techniques detailed in the section of the SAFE Enterprise white paper titled "Routers Are Targets" also apply to switches. However, switches, and Layer 2 of the OSI reference model in general, are subject to network attacks in unique ways. These attacks include:

  • CAM table overflow
  • Media Access Control (MAC) address spoofing
  • DHCP starvation
  • VLAN hopping
  • Spanning-Tree Protocol (STP) manipulation

Web Links