Page 773 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
blocks the use of FTP but allows HTTP, then tools such as HTTP
Tunnel can be used to bypass this restriction. This could result in an
encapsulation structure such as this:
[ Ethernet [ IP [ TCP [ HTTP [ FTP ] ] ] ] ]
Normally, HTTP carries its own web-related payload, but with the
HTTP Tunnel tool, the standard payload is replaced with an
alternative protocol. This false encapsulation can even occur lower in
the protocol stack. For example, ICMP is typically used for network
health testing and not for general communication. However, with
utilities such as Loki, ICMP is transformed into a tunnel protocol to
support TCP communications. The encapsulation structure of Loki is
as follows:
[ Ethernet [ IP [ ICMP [ TCP [ HTTP ] ] ] ] ]
Another area of concern caused by unbounded encapsulation support
is the ability to jump between virtual local area networks (VLANs).
VLANs are network segments that are logically separated by tags. This
attack, known as VLAN hopping, is performed by creating a double-encapsulated IEEE 802.1Q VLAN tag:
[ Ethernet [ VLAN1 [ VLAN2 [ IP [ TCP [ HTTP ] ] ] ] ] ]
With this double encapsulation, the first encountered switch will strip
away the first VLAN tag, and then the next switch will be fooled by the
interior VLAN tag and move the traffic into the other VLAN.
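As an added example (not part of the study guide, and not code from any of the tools named above), the following Python script shows how a defender can recover the encapsulation chain described in this section from a raw Ethernet frame and flag the two anomalies discussed: a stacked pair of 802.1Q tags, and application-layer data riding inside ICMP. The EtherType (0x8100, 0x0800) and IP protocol numbers (1, 6) are the standard values; every frame it examines is constructed inline for the demonstration, and the HTTP markers and anomaly messages are the author's own heuristics, not a standard signature.

```python
import struct

ETHERTYPE_VLAN = 0x8100   # IEEE 802.1Q tag protocol identifier
ETHERTYPE_IPV4 = 0x0800
PROTO_ICMP = 1
PROTO_TCP = 6
# Heuristic markers for HTTP text at the start of a payload (assumption, not a standard)
HTTP_MARKERS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"HTTP/1.")


def parse_layers(frame: bytes) -> list:
    """Walk a raw Ethernet frame and return its encapsulation chain, outermost
    first, e.g. ['Ethernet', 'VLAN', 'VLAN', 'IP', 'TCP', 'HTTP']."""
    layers = ["Ethernet"]
    if len(frame) < 14:
        return layers
    ethertype = struct.unpack("!H", frame[12:14])[0]
    off = 14
    # Each 802.1Q tag is 4 bytes: the TPID we just read as the EtherType, a
    # 2-byte TCI, then the next EtherType. Looping counts stacked tags.
    while ethertype == ETHERTYPE_VLAN and len(frame) >= off + 4:
        layers.append("VLAN")
        ethertype = struct.unpack("!H", frame[off + 2:off + 4])[0]
        off += 4
    if ethertype != ETHERTYPE_IPV4 or len(frame) < off + 20:
        return layers
    layers.append("IP")
    ihl = (frame[off] & 0x0F) * 4          # IPv4 header length in bytes
    proto = frame[off + 9]                 # protocol field of the IPv4 header
    payload = frame[off + ihl:]
    if proto == PROTO_TCP and len(payload) >= 20:
        layers.append("TCP")
        payload = payload[(payload[12] >> 4) * 4:]   # skip TCP header (data offset)
    elif proto == PROTO_ICMP and len(payload) >= 8:
        layers.append("ICMP")
        payload = payload[8:]                        # skip fixed ICMP header
    else:
        return layers
    if payload.startswith(HTTP_MARKERS):
        layers.append("HTTP")
    return layers


def find_anomalies(frame: bytes) -> list:
    """Return human-readable findings for the encapsulation abuses in this section."""
    layers = parse_layers(frame)
    findings = []
    if layers.count("VLAN") > 1:
        findings.append("double 802.1Q tag (possible VLAN hopping)")
    if "ICMP" in layers and "HTTP" in layers:
        findings.append("application data inside ICMP (possible Loki-style tunnel)")
    return findings


def build_frame(vlan_ids, proto, data: bytes) -> bytes:
    """Construct a minimal test frame (synthetic, checksums left at zero)."""
    eth = b"\xaa" * 6 + b"\xbb" * 6
    tags = b"".join(struct.pack("!HH", ETHERTYPE_VLAN, vid) for vid in vlan_ids)
    if proto == PROTO_TCP:
        l4 = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x18, 8192, 0, 0) + data
    else:
        l4 = struct.pack("!BBHHH", 8, 0, 0, 1, 1) + data   # ICMP echo request
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return eth + tags + struct.pack("!H", ETHERTYPE_IPV4) + ip + l4


# Constructed sample frames (not captured traffic)
PLAIN_HTTP_FRAME = build_frame([], PROTO_TCP, b"GET / HTTP/1.1\r\n")
DOUBLE_TAGGED_FRAME = build_frame([10, 20], PROTO_TCP, b"GET / HTTP/1.1\r\n")
ICMP_TUNNEL_FRAME = build_frame([], PROTO_ICMP, b"GET / HTTP/1.1\r\n")

if __name__ == "__main__":
    for name, frame in [("plain", PLAIN_HTTP_FRAME),
                        ("double-tagged", DOUBLE_TAGGED_FRAME),
                        ("icmp-tunnel", ICMP_TUNNEL_FRAME)]:
        chain = " [ ".join(parse_layers(frame)) + " ]" * len(parse_layers(frame))
        print(f"{name:14s} [ {chain}  -> {find_anomalies(frame) or 'ok'}")
```

The parser deliberately keeps walking past the first VLAN tag instead of stopping at the outer one, which is exactly what a switch that strips only the first tag does not do; a monitoring point that sees the frame before the first switch can therefore alert on the stacked tags directly. The ICMP check is a simple content heuristic, so it will miss tunnels that encrypt or encode their payload, and is best paired with volume-based checks on ICMP traffic.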
Multilayer protocols provide the following benefits:
A wide range of protocols can be used at higher layers.
Encryption can be incorporated at various layers.
Flexibility and resiliency in complex network structures are supported.