Author: Valter Popeskic

DoS and DDoS – Denial of Service attacks

DoS – Denial of Service attack

A DoS attack is designed to interfere with the normal functions of a server, web site, or other network resource. Hackers and virus writers can do this in a number of ways. One of the most common methods is flooding a server with so much network traffic that it becomes difficult to handle. Under this heavy traffic the server cannot carry out its normal functions properly, and sometimes this leads to a server crash.

The only difference in a DDoS attack is that multiple machines are used to conduct it. Hackers or virus writers use master and zombie machines to coordinate the attack across the others. On both kinds of machine, an application vulnerability is usually exploited to install malicious code such as a Trojan.

Routing between VLANs

The hosts in a VLAN reside in their own broadcast domain and can communicate quite freely. VLANs partition the network and separate traffic at layer 2 of the OSI model and, as discussed earlier regarding the need for routers, if you want hosts or any other devices to communicate between VLANs, a layer-3 device is essential.

Dividing a LAN into multiple VLANs is basically the same as separating it into different physical LANs. In that case it is clear that you will need a router if you want to go from one LAN to another.

Trunking Methods – VLAN Identification methods across multiple switches

Frame Tagging

It is possible to build VLANs that span a number of connected switches. In the figure below you can see that the hosts from different VLANs are spread throughout a number of switches. The biggest advantage of implementing VLANs is their flexible and powerful nature. The drawback is that it can become complicated, even for a switch, so it is important to have a way of keeping track of all the users and frames as they travel through the VLANs and the switch fabric. (Switch fabric refers to a group of switches that share the same VLAN information.)

ISL Inter-Switch Link Protocol – Trunking or Frame Tagging protocol

Inter-Switch Link (ISL) is specifically used for tagging VLAN information onto an Ethernet frame. This tagging information permits multiplexing of VLANs over a trunk link through an external encapsulation method, so the switch can easily identify the VLAN membership of a frame over the trunked link. When you run ISL, it is easy to interconnect a number of switches and to maintain VLAN information while traffic passes over trunk links between switches.

VLANs – Trunk and Access link types

As frames are switched throughout the internetwork, it is important for the switches to keep track of all the different kinds of frames and to know what to do with them based on the hardware address. Frames are handled differently depending on the kind of link they are passing through.

In a switched environment there are two different kinds of links, access links and trunk links: