Network security

Terms and concepts you should know

Paul Krzyzanowski

April 10, 2024

General concepts

  • Internet design goals and priorities
  • Protocol layers
  • Protocol encapsulation
  • Data link, network, transport takers
  • Broadcast

Link layer

  • CAM overflow

  • Switch table

  • Forwarding & filtering

  • Port security

  • 802.1x

  • Managed switch

  • LAN vs. VLAN

  • VLAN trunking

  • 802.1Q, Extended Ethernet frame

  • VLAN hopping attack

  • Auto-trunking

Link layer - Network layer interaction

  • ARP cache poisoning

  • MAC address vs. IP address

  • ARP table (cache)

  • Gratuitious ARP

  • Dynamic ARP inspection

  • DHCP spoofing

Transport layer

  • TCP sequence numbers
  • TCP sequence number prediction attack
  • TCP SYN flooding attack
  • SYN cookies

Routing

  • Purpose of BGP
  • BGP advertisements
  • BGP hijacking
  • Longer route prefixes
  • RPKI framework
  • Longer route prefixes/More specific routes

DNS

  • Domain Name System (DNS), DNS Resolver
  • Pharming attack
  • DNS spoofing attack, cache poisoning
  • Query ID
  • DNSSEC
  • DNS TTL (time to live)
  • DNS Rebinding attack
  • DNS pinning
Last modified April 10, 2024.

© Paul Krzyzanowski. All rights reserved.

For questions or comments about this site, contact Paul Krzyzanowski, gro.kp@ofnibew

recycled pixels

The entire contents of this site are protected by copyright under national and international law. No part of this site may be copied, reproduced, stored in a retrieval system, or transmitted, in any form, or by any means whether electronic, mechanical or otherwise without the prior written consent of the copyright holder. If there is something on this page that you want to use, please let me know. Any opinions expressed on this page do not necessarily reflect the opinions of my employers and may not even reflect my own.

Page design derived from: HTML5 UP.