Layer 2 network security bypass using VLAN 0, LLC/SNAP headers and invalid length.
You should always drop unknown/unclassified traffic. Using VLAN 0, LLC/SNAP headers and invalid length gives you multiple ways to encapsulate the same L3 payload on Ethernet/Wifi, allowing you to bypass some L2 network security control implementations like IPv6 Router Advertisement Guard.
This post was created with our nice and easy submission form. Create your post!