Network Address Vulnerabilities
Network protocols are implemented in logical layers. The network addresses of a device are its Layer 2 “MAC” address and Layer 3 “IP” address. Cyber attackers rely on the static relationship between a device and these addresses to plan and carry out their attacks. System administrators tend to underestimate the risks to their own networks from network address exploits because these exploits are not a current compliance focus. The Pentagon's Cyberstrategy is clear: “Because some intrusions will inevitably (emphasis added) evade detection and not be caught at the boundary, U.S. cyberdefenses must be able to find intruders once they are inside.”
Key network address attacks include unauthorized network mapping, traffic analysis across segments, denial of service, and man-in-the-middle attacks. In a recent solicitation, the US Army stated: “The first stage in a cyber attack is to perform reconnaissance on the target network. The attacker’s goal is to identify targets that either contain the desired information or are critical to network traffic. Following that step, the attacker will determine what is exploitable on the targeted network devices. If the information gathered above is incorrect, the attackers will waste time and resources attempting to exploit systems and services that may or may not exist, which will result in more time for the defenders to take the appropriate action.”
One way to address this vulnerability is to make network addresses dynamic rather than static, so that the cyber attackers’ probing yields useless or misleading results. The attacker is then faced with the choice to give up or to attack more “noisily” and risk being detected and countered by the network defender. This is validated by real-world experience. For example, “Red Hat” security auditors also exploit these static relationships for penetration testing. Firewall, switch and intrusion prevention system (IPS) manufacturers also consistently warn customers about the threats at Layer 2 and Layer 3, because their products keep track of these static relationships and therefore are often prime targets of cyber attacks.
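
The effect of dynamic addressing on a reconnaissance map can be shown in a short simulation. This is an added example, not code from the original page or from any product: it assumes a keyed-hash scheme in which hosts holding a shared secret derive every host's address for each time epoch, and the names `assign_epoch` and `stale_fraction`, the key, the host names and the subnet are all hypothetical.

```python
import hashlib
import hmac
import ipaddress


def assign_epoch(key: bytes, hosts: list[str], epoch: int, subnet: str) -> dict[str, str]:
    """Map each host to its address for one epoch (assumed keyed-hash scheme)."""
    net = ipaddress.ip_network(subnet)
    usable = net.num_addresses - 2  # exclude network and broadcast addresses
    if len(hosts) > usable:
        raise ValueError("more hosts than usable addresses in subnet")
    taken: set[int] = set()
    table: dict[str, str] = {}
    # Fixed iteration order, so every key holder resolves collisions identically.
    for host in sorted(hosts):
        mac = hmac.new(key, f"{host}|{epoch}".encode(), hashlib.sha256).digest()
        offset = int.from_bytes(mac[:8], "big") % usable
        while offset in taken:  # linear probe when two hosts hash to one address
            offset = (offset + 1) % usable
        taken.add(offset)
        table[host] = str(net.network_address + 1 + offset)
    return table


def stale_fraction(snapshot: dict[str, str], current: dict[str, str]) -> float:
    """Share of an old host-to-address map that no longer matches reality."""
    wrong = sum(1 for host, addr in snapshot.items() if current.get(host) != addr)
    return wrong / len(snapshot) if snapshot else 0.0


if __name__ == "__main__":
    KEY = b"constructed-demo-key"                  # constructed; never a real secret
    HOSTS = ["db01", "dc01", "files01", "web01"]   # constructed host names
    SUBNET = "10.20.0.0/16"                        # constructed subnet
    recon = assign_epoch(KEY, HOSTS, 100, SUBNET)  # what a scan in epoch 100 maps
    later = assign_epoch(KEY, HOSTS, 101, SUBNET)  # where the hosts are one epoch on
    for host in HOSTS:
        print(f"{host:8} scanned {recon[host]:15} now {later[host]}")
    print("stale entries:", stale_fraction(recon, later))
```

Peers that hold the key recompute the same table each epoch, while a map captured without the key stops matching the hosts once the epoch rolls over.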

