MAC Addresses Flashcards
MAC is the _________ address for our network interfaces
Physical
Each host in a network has its own __ -bit ( __ octets) Media Access Control (MAC) address
48-bit (6 octets)
different standards for the MAC address:
x3
Ethernet (IEEE 802.3)
Bluetooth (IEEE 802.15)
WLAN (IEEE 802.11)
the MAC address addresses the physical connection (network card, Bluetooth, or WLAN adapter) of a host
Each network card has its individual MAC address…….
The MAC address consists of a total of _ bytes.
6 bytes.
Each IP packet has a ______ address and a _______ address.
Each IP packet has a sender address and a destination address.
The first half of the MAC address (3 bytes / 24 bit) is the so-called _________ _____ _______ (OUI) for the respective manufacturers.
Organization Unique Identifier (OUI)
The last half of the MAC address is called the _________ _______ ____ or _______ _______ ________ (NIC), which the manufacturers assign. The manufacturer sets this bit sequence only once and thus ensures that the complete address is unique.
Individual Address Part or Network Interface Controller
If a host with the IP target address is located in the same subnet, the delivery is made directly to the target computer’s _____ address.
directly to the target computer’s physical address
If the Ethernet frame’s destination address matches its own layer 2 address, the router will ______ the _____ to the ______ _______.
the router will forward the frame to the higher layers.
______ _______ _______ (ARP) is used in IPv4 to determine the MAC addresses associated with the IP addresses.
Address Resolution Protocol
The last bit of the _____ octet identifies the MAC address as ______ (0) or ________ (1)
The last bit identifies the MAC address as Unicast (0) or Multicast (1)
With unicast, it means that the packet sent will reach only ___ specific host.
one
With multicast, the packet is sent ____ to all hosts on the _____ network, which then decides whether or not to accept the packet based on their configuration
With multicast, the packet is sent once to all hosts on the local network, which then decides whether or not to accept the packet based on their configuration
The second last bit in the first octet identifies whether it is a global OUI, defined by the IEEE, or a locally administrated MAC address
Global OUI is:
Global OUI (2nd to last bit in first octet is 0)
Representation 1st Octet
Binary 1101 1100
The second last bit in the first octet identifies whether it is a global OUI, defined by the IEEE, or a locally administrated MAC address
Locally Administered is:
Locally Administered (2nd to last bit in first octet is 1)
Representation 1st Octet
Binary 1101 1110
This involves altering the MAC address of a device to match that of another device, typically to gain unauthorized access to a network.
MAC spoofing
This involves sending many packets with different MAC addresses to a network switch, causing it to reach its MAC address table capacity and effectively preventing it from functioning correctly.
MAC flooding
Some networks may be configured only to allow access to devices with specific MAC addresses that we could potentially exploit by attempting to gain access to the network using a spoofed MAC address.
MAC address filtering
Address Resolution Protocol is a _____ protocol
network protocol
Address Resolution Protocol is AKA
ARP
ARP is used to resolve _____ (layer 3 of the OSI model) to a ______ (layer 2 of the OSI model) MAC address.
Network layer 3 of the OSI model to a
Data Link layer 2 of the OSI model
What does ARP do?
it maps a host’s IP address to its corresponding MAC address to facilitate communication between devices on a Local Area Network (LAN)
When a device on a LAN wants to communicate with another device, it sends a broadcast message containing the destination IP address and its own MAC address
The device with the matching IP address responds with its own MAC address, and the two devices can then communicate directly using their MAC addresses. This process is known as ___ _______.
ARP resolution
ARP is an important part of the network communication process because it allows devices to send and receive data using MAC addresses rather than IP addresses, which can be more efficient
Two types of request messages can be used:
ARP Request
ARP Reply
ARP Request
When a device wants to communicate with another device on a LAN, it sends an ARP request to resolve the destination device’s IP address to its MAC address. The request is broadcast to all devices on the LAN and contains the IP address of the destination device. The device with the matching IP address responds with its MAC address
ARP Reply
When a device receives an ARP request, it sends an ARP reply to the requesting device with its MAC address. The reply message contains the IP and MAC addresses of both the requesting and the responding devices
The goal of _____ is to associate our MAC address with the IP address of a legitimate device on the company’s network, effectively allowing us to intercept traffic intended for the legitimate device
ARP Spoofing
ARP Spoofing, which can be used to _______ or ________ traffic on the network
intercept or manipulate traffic on the network
ARP spoofing, also known as ARP _____ _______ or ARP ______ ______
ARP cache poisoning or ARP poison routing,
Tools for ARP spoofing consist of:
x2
Ettercap
Cain & Abel
ARP poisoning to perform various activities, such as ______ ______ _______, redirecting traffic, or launching _____ attacks
stealing sensitive information, redirecting traffic, or launching MITM attacks
