Ask
Login
0
1.2kviews
Vulnerabilities at Physical Layer
written 5.6 years ago by gravatar for swatisharma swatisharma 1.3k
cryptography and network security
ADD COMMENT EDIT
1 Answer
0
48views
written 5.6 years ago by gravatar for swatisharma swatisharma 1.3k

Physical Layer:

  • This layer consists of the actual connections to & within the network; routers, switches, servers, cables & wireless media.

  • The type of attacker that can be performed at this layer is dependent on the communication media being used; wired or wireless communication environments.

  • If an attacker is about to gain access to any of them, then he or she can easily cause a denial of service attack by making the causing the organisation application unavailable into the network.

  • If an attacker gets the knowledge of the Ethernet cabling standard (568A or 568B), he can easily tap cable without being detected i.e. (Ethernet copper twisted pair cables)

  • Wire equivalent privacy is one of the most common wireless authentication standards that is widely used. however it uses a very weak RC4 encryption algorithm and a determined hacker can easily crack it by using dictionary attacker or brute force.

  • Wi-fi protected access overcomes the weakness that WEP has.

  • It offers a sophisticated hierarchy that generates new encryption keys each time a mobile device connects to the network,Wireless access points can be spoofed.

  • An attacker can set up a rogue access point give it the same service set identifier of the genuine network also configure the wireless network authentication password to the same. When users login to this network the attacker has full access to their machines.

  • Wireless media is susceptible to radio frequency interference an attacker can jam the WiFi radio frequency by placing a device that can distort the wavelength and amplitude of the signals making the network unusable.

Solution:

  • To contact these attacks,there is need to control the physical access to the networking devices for eg. the server should be locked and only authorized individuals sholud be allowed inside.
  • Backup power should also be available in case there is power outage.
  • To avoid data loss,there is need to backup the data at regular intervals and have a good disaster recovery plan.
  • Backups should be stored in a remote site in case the sever room has same catastrophe.
ADD COMMENT EDIT
Please log in to add an answer.