The obvious question to ask is why the heck do I care for Layer 2?
The obvious answer to this is - no matter how secure you make your TCP/IP fortress if a hacker can punch in at any of the layers he has the keys of kingdom. Moreover most of the firewalls are not capable for detecting these kinds of attacks. Also to successfully conduct most of these attacks we have to be on the segment as of the victim.
So far VLANS was created as a means of secure LAN talks, but as we will see in the paper that with careful techniques these can also be subverted. Think of the scenario if the attacker can puncture the stack at Layer 2, he can now control all the above traffic.
I will try to provide a discussion on these attacks and there mitiagation mechanism (indebted to the pioneer in the area CISCO)
This document is in PDF format. To view it click here.