21 The Physical Layer

What you need to know:

The physical layer deals with turning frames from The Data-Link Layer into 1s and 0s, and communicates within the network adapter to transmit the data from one computer to another.

📖

Note that a majority of protocols on the physical layer and data-link layer exist under IEEE 802, from the Institute of Electrical and Electronics Engineers. There is no reasoning behind the number, other than it was the next available number for reservation for this family of protocols. From now on, when you read “802.3a” or “802.11g” for example, remember that they are in this general “family” of protocols in the IEEE 802 umbrella.

Ethernet

Ethernet standards are defined under 802.3 and can appear over many different cable forms, from Coaxial to RJ-45, to Fiber. It also comes in multiple different speeds, from 10BASE-T, 100BASE-TX, and 1000BASE-T “Ethernet over Twisted Pair”, where the number indicates the megabits per second (millions of bits per second), with the most common today being “Gigabit Ethernet”. There’s faster speeds out there which uses Fiber Optic Cables, 10GBASE-T, 25GBASE-T, 40GBASE-T, 100GBASE-T and beyond, but you shouldn’t worry yourself about those right now.

Note that when we talk about “Ethernet” in a networking sense, we’re referring to the protocol of communication. The cable connector you would think is “ethernet” is actually RJ-45. RJ-45 is used for not just “ethernet”, but also serial connectors, particularly with networking hardware. This is important because, if you plug in an “ethernet”-based connection to a non-”ethernet” based connection, the best-case scenario that can happen is it doesn’t work, while the worst case is you fry one or both adapters on the cable because they are electrically not compatible.

“Ethernet” RJ-45, right next to a Serial Console port which also uses RJ-45, and an Auxiliary port using RJ-45. Image Credits.

Wireless LAN

Wireless LAN (WLAN) is under 802.11, composed of multiple different standard levels, each with improvements to the last.

A (few) protocol relating to speed:

Brand Name	Protocol	Year Adopted	Max Speed (Mbps)
WiFi 7	802.11be	2024	1376 - 46,120
WiFi 6e	802.11ax	2020	574 - 9,608
WiFi 6	802.11ax	2019	574 - 9,608
WiFi 5	802.11ac	2014	433 - 6,933
WiFi 4	802.11n	2008	72 - 600
WiFi 3*	802.11g	2003	6 - 54

*: 802.11 “g”, “a”, and “b” were not named anything, but retroactively called WiFi 3, 2, etc… after WiFi 4 came out.

The main standards for WiFi security:

Common Name	Year Ratified	Notes
WPA3	2018	Recommended for all new installations since 2020.
WPA2	2004	Upgraded hardware requirements to make sure encryption didn’t slow down connections.
Wi-Fi Protected Access (WPA)	1999	The interim standard immediately addressing concerns with WEP.
Wired Equivalent Privacy (WEP)	1997	Do not use this! Was proven insecure in 2005. We still see this in the wild.

Other Physical Layer Protocols

Bluetooth (802.15.1, now managed by Bluetooth Special Interest Group), WiMAX (802.16), and even USB and PCI express are all kinds of “physical protocols”, but they aren’t as prevalent as Ethernet and we won’t be going further into it.

How does this relate to Cybersecurity?

An Ethernet sniffer I found on Amazon.

Ethernet Sniffers are little boxes you can put in the middle of an Ethernet cable and essentially copy all of the traffic on the cable from both ends onto your cable (like a phone tap).

There are multiple WiFi hacking/pentesting platforms out there, but pictured here is a basic WiFi Pineapple, which can assist in reconnaissance, exploiting vulnerable WiFi networks, and man-in-the-middle attacks on targets, or just a general honeypot for would-be attackers.

From what we learn on the network stack, it only emphasizes that you can only have strong cybersecurity when you have strong physical security, if an attacker can listen in on “trusted” connections on layer 1 then every layer above is compromised.

A WiFi Pineapple, a WIFi pentesting platform with recon, exploitation, man-in-the-middle, and denial of service.