Results 1 - 3 of 3
SANE: A Protection Architecture for Enterprise Networks
- In Usenix Security Symposium, 2006
Cited by 47 (13 self)
Connectivity in today’s enterprise networks is regulated by a combination of complex routing and bridging policies, along with various interdiction mechanisms such as ACLs, packet filters, and other middleboxes that attempt to retrofit access control onto an otherwise permissive Internet architecture. This leads to enterprise networks that are inflexible, fragile and difficult to manage. We offer SANE, a protection architecture for enterprise networks that overcomes these limitations. By default, hosts can only contact a logically centralized reference monitor that hands out capabilities (encrypted source routes) for services, according to declarative access control policies (e.g. Alice can access
SPECIFICATION-BASED INTRUSION DETECTION SYSTEM FOR CARRIER ETHERNET
Cited by 1 (0 self)
Abstract: Layered network architectures (OSI, TCP/IP) separate functionality in layers, allowing them to be designed and implemented independently. However, from the security point of view, once a lower layer is compromised, the reliability of the higher layers can be impaired. This paper is about the security of the Data Link Layer, which can affect the reliability of higher layers, like TCP, HTTP and other World-Wide Web protocols. The paper analyzes security-wise a layer 2 protocol – the Spanning Tree Protocol (STP), part of the Ethernet suite – and presents a solution to detect attacks against this protocol using Specification-based Intrusion Detection.
Network Infrastructure
Abstract — Data Link layer is considered as the weakest link in a secured network. If an initial attack comes in at Layer 2, the whole network can be compromised. To illustrate the weakness of Layer 2 networks, attacking tools for this layer are surveyed and discussed in this paper. The main functions of these tools and how they can be used to launch attacks are discussed. Although the authors of this paper are strongly against malicious attacks on networks, it is our belief that the best way to protect a network is to know how it can be attacked. The tools listed out in this paper can therefore be used for carrying out attacks as part of testing and learning.

