The Rise of the IP Network and Its Vulnerabilities

April 1, 2017

Internet protocol (IP) networks achieve functionality through a layering process analogous to the fabrication of their enabling semiconductor chips. But that complex process introduces complications along with capabilities.

Usually, once the 802.1X and Spanning Tree Protocol building blocks are in place, virtual local area networks (VLANs) are defined. VLANs are groups of devices on one or more LANs that are configured to communicate as if they were attached to the same wire, even though they actually sit on a number of different LAN segments. Because VLANs are based on logical rather than physical connections, they are extremely flexible. Then, to solve a different problem, another protocol is added to the stack. Known as Open Shortest Path First (OSPF), this routing protocol is used to find the best path for packets as they pass through a set of connected networks.

The addition of Protocol Independent Multicast, commonly known as PIM, allows the transmission of common data in a one-to-many or many-to-many scheme. For example, streaming Netflix to the desktop or TV is a multicast. Two more building blocks top this stack of protocols—Border Gateway Protocol (BGP) and Multiprotocol Label Switching (MPLS). BGP was designed to exchange routing and reachability information among autonomous systems on the Internet. MPLS was designed as a data-carrying technique for high-performance telecommunications networks. It directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex look-ups in a routing table.

Once all these building blocks are set, the network is usable, although seven protocols are now stacked one on top of the other, and every one of them must be traversed for the network to function properly. In this implementation, if one of the protocols fails, users have to wait for the network to re-converge that protocol before the network can be used again. This can take anywhere from several seconds to several minutes, depending on the type of failure. If a multicast were in use, the failure certainly would be noticeable: the video would stop, and users would have to wait for the network to re-converge before the video stream returned.

These stacked protocol implementations are really nothing more than a house of cards, because one protocol failure brings down every protocol layered above it. Not only that, but each node runs the same protocols, so the problem is repeated throughout the network. And because these are all IP-based protocols, an attacker who sniffs an IP address can target that node from anywhere across the network, which makes an attack much more likely.
