Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
As we begin our ascent up through the layers of the OSI reference model from the Physical Layer, our next stop is the Data Link layer otherwise known as Layer 2. This layer is unique in that it is comprised of two sub-layers known as the LLC (Logical Link Control) layer and the MAC (Media Access Control) layer respectively. The LLC layer is responsible for the detection of errors that result from data collisions. We'll see in a moment how it also is responsible for implementing strategies for minimizing such collisions. The MAC sub-layer is where the 48-bit physical device addresses reside. These addresses are unique for every device in the world (in theory anyway) and are comprised of a manufacturer's ID portion and a device ID portion. Mapping from IP addresses to MAC addresses is handled by the Address Resolution Protocol (ARP) and conversely, mapping in the other direction is handled by the Reverse ARP protocol. Makes sense, right? As with each layer that we'll examine, there are threats that exist at the MAC layer, most prominently, poisoning of the ARP cache. This is an exploit where an unsolicited reply is generated in order to cause data misdirection for malicious purposes. We conclude this section by examining the collision detection and management strategies present at the LLC sub-layer. CSMDA/CD (Carrier Sense Multiple Access with Collision Detection) "listens" for data on the line and only transmits when the line is quiet. It also listens for collisions (Collision Detection) and implements a backoff protocol prior to retrying if a collision is detected. CSMDA/CA (Carrier Sense Multiple Access with Collision Avoidance) similarly listens on the media for data, but instead of immeditately transmitting when quiet is detected, instead signals its desire to transmit, much like raising your hand in class to ask a question. An older collision avoidance strategy and one little-used today, is that of Token Ring where a token is passed around to endpoints desiring to transmit. This technique is analogous to passing a mic on to the next person wishing to speak in an audience.