Attacks at the Seven OSI Layers:
1. Application Layer
Application layer attacks can be implemented using several different methods. One of the most common methods is exploiting well-known weaknesses in software commonly found on servers, such as Sendmail, Hypertext Transfer Protocol (HTTP), and File Transfer Protocol (FTP). By exploiting these weaknesses, hackers can gain access to a computer with the permission of the account running the application, which is usually a privileged system-level account. These application layer attacks are often widely publicized in an effort to allow administrators to rectify the problem with a patch. Unfortunately, many hackers also subscribe to these same mailing lists, a scenario that results in their learning about the attack, if they have not discovered it already. The primary problem with application layer attacks is that they often use ports that are allowed through a firewall. For example, a hacker executing a known vulnerability against a Web server often uses TCP port 80 in the attack. Because the Web server delivers pages to users, a firewall must allow access on that port. From the perspective of the firewall, it is merely standard port 80 traffic.
Application layer attacks can never be completely eliminated. New vulnerabilities are always being discovered and publicized to the Internet community. Driven by the demands of the Internet market, companies continue to release software and hardware with many known security issues and bugs.
Furthermore, users continue to make security difficult by downloading, installing, and configuring unauthorized applications that introduce new security risks at an alarming rate.
Attacks: Buffer overflow, XSS, DDoS.
2. Presentation Layer
The presentation layer ensures communication between the application layer of two systems. If necessary, the presentation layer translates between multiple data formats by using a common format.
From a security standpoint, any user can intercept and read these data packets with very little effort, especially in a carrier sense multiple access with collision detection (CSMA/CD) Ethernet environment.
In order to protect data, encryption should be utilized. This helps keep data private and secure by making the data unreadable except for the destination that holds the encryption key. Many common encryption techniques can now be deciphered, thus generating the need for stronger encryption methods. However, sophisticated encryption methods are slower due to increased processing requirements.
Another problem with the presentation layer is with compression techniques. Compressed, zipped, or tarred Trojan horses, viruses, and other control daemons can easily pass through most firewalls without detection, only to be uncompressed and compromise a host computer or network.
Attacks: Unicode vulnerability, SSL Strip.
3. Session Layer
As its name implies, the session layer establishes, manages, and terminates sessions between two communicating hosts. It also synchronizes dialogue between the two hosts' presentation layers, and manages their data exchange. In addition to session regulation, the session layer offers provisions for efficient data transfer, class of service, and exception reporting of session-layer, presentation-layer, and application-layer problems. Many protocols operating at the session layer, such as Network File System (NFS), Structured Query Language (SQL), Server Message Block (SMB), and X Windows, can be exploited to gain unauthorized access to resources. Also, root control of the device can be achieved through these protocols.
Attacks: Session hijacking, DNS poisoning.
4. Transport Layer
The transport layer segments data from the sending host system and reassembles the data into a data stream on the receiving host system. In providing communication service, the transport layer establishes, maintains, and properly terminates virtual circuits. In providing reliable service, transport error detection and recovery and information flow control are used.
The transport layer is especially vulnerable to an attack. Many applications and protocols use well-known TCP and User Datagram Protocol (UDP) ports that must be protected. This is analogous to locking the door but leaving all the windows wide open. These windows must also be closed or secured. Segment-level attacks such as DoS, spoofing, and hijacking can be performed. Numerous port scanners are available to perform reconnaissance on a host or network.
Attacks: SYN flood, invalid TCP flags, UDP flood.
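As an added example (not part of the original post), the following Python sketch shows how a defender can spot two of the transport-layer attacks listed above: it parses the flag bits from a TCP header, names flag combinations a conforming stack does not send, and counts bare SYNs per destination port. The function names, the threshold, and the sample segments are all assumptions constructed for illustration.

```python
import struct
from collections import Counter

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def make_segment(src_port, dst_port, flags):
    """Build a constructed 20-byte TCP header (no options, no payload)."""
    return struct.pack("!HHIIHHHH", src_port, dst_port, 0, 0,
                       (5 << 12) | flags, 65535, 0, 0)

def parse_tcp_header(segment):
    """Return (src_port, dst_port, flags) from the fixed part of a TCP header."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    src, dst, _seq, _ack, off_flags = struct.unpack("!HHIIH", segment[:14])
    return src, dst, off_flags & 0x3F  # low six bits: URG ACK PSH RST SYN FIN

def classify_flags(flags):
    """Name flag combinations that a conforming TCP stack does not send."""
    if flags == 0:
        return "null"
    if flags & SYN and flags & FIN:
        return "syn-fin"
    if flags & SYN and flags & RST:
        return "syn-rst"
    if flags == FIN | PSH | URG:
        return "xmas"
    return "ok"

def flooded_ports(segments, threshold):
    """Ports that received more than `threshold` bare SYNs (SYN without ACK)."""
    syns = Counter()
    for seg in segments:
        _src, dst, flags = parse_tcp_header(seg)
        if flags & SYN and not flags & ACK and classify_flags(flags) == "ok":
            syns[dst] += 1
    return sorted(port for port, n in syns.items() if n > threshold)

# Constructed capture: six connection openers to port 80, one to 22, two odd ones.
SAMPLE = [make_segment(40000 + i, 80, SYN) for i in range(6)]
SAMPLE += [make_segment(50000, 22, SYN), make_segment(50001, 80, SYN | FIN),
           make_segment(50002, 443, 0)]

if __name__ == "__main__":
    for seg in SAMPLE:
        src, dst, flags = parse_tcp_header(seg)
        print(src, dst, f"{flags:#04x}", classify_flags(flags))
    print("possible SYN flood on ports:", flooded_ports(SAMPLE, threshold=5))
```

A production detector would count within a time window and compare against completed handshakes; the fixed threshold here only illustrates the idea.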
5. Network Layer
The network layer provides connectivity and path selection between two host systems that may be located on geographically separated networks. Packet-level exploits include ping scans, sniffing, DoS, Address Resolution Protocol (ARP) poisoning, nuking, ping of death, and spoofing. DDoS attacks such as SMURF, Stacheldraht, and TFN are especially dangerous to target networks and devices.
Attacks: ICMP flood, OS fingerprinting, IP address spoofing, routing table poisoning.
6. Data Link Layer
The data link layer provides reliable transit of data across a physical link. The data link layer is concerned with physical, as opposed to logical, addressing, network topology, network access, error notification, ordered delivery of frames, and flow control. Frame-level exploits and vulnerabilities include sniffing, spoofing, broadcast storms, and insecure or absent virtual LANs (VLANs). Network interface cards (NICs) that are misconfigured or malfunctioning can cause serious problems on a network segment or the entire network.
Attacks: Sniffing, ARP cache poisoning, macof attack.
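To make ARP cache poisoning concrete from the defender's side, here is an added example (not from the original post) that parses Ethernet/IPv4 ARP payloads and reports any IP address that is later claimed by a different MAC address than the one first seen. The helper names and the sample packets, which use documentation addresses and locally administered MACs, are constructed assumptions.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # Ethernet/IPv4 ARP payload, 28 bytes

def make_arp(oper, sender_mac, sender_ip, target_ip="192.0.2.10"):
    """Build a constructed ARP payload (oper 1 = request, 2 = reply)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       bytes.fromhex(sender_mac.replace(":", "")),
                       socket.inet_aton(sender_ip),
                       b"\x00" * 6, socket.inet_aton(target_ip))

def parse_arp(payload):
    """Return (opcode, sender_mac, sender_ip) from an Ethernet/IPv4 ARP payload."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper, sha, spa, _tha, _tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return oper, sha.hex(":"), socket.inet_ntoa(spa)

def find_binding_changes(payloads):
    """Report (ip, first_seen_mac, new_mac) whenever an IP changes its MAC.

    The first binding seen for an IP is treated as the trusted baseline,
    so a later conflicting claim is reported instead of silently accepted.
    """
    bindings, alerts = {}, []
    for payload in payloads:
        _oper, mac, ip = parse_arp(payload)
        known = bindings.setdefault(ip, mac)
        if known != mac:
            alerts.append((ip, known, mac))
    return alerts

# Constructed traffic: a gateway and a host announce themselves, then a
# third MAC claims the gateway's IP address.
SAMPLE = [
    make_arp(2, "02:00:00:00:00:01", "192.0.2.1"),
    make_arp(2, "02:00:00:00:00:20", "192.0.2.20"),
    make_arp(2, "02:00:00:00:00:99", "192.0.2.1"),
]

if __name__ == "__main__":
    for ip, old, new in find_binding_changes(SAMPLE):
        print(f"ARP binding change for {ip}: {old} -> {new}")
```

Legitimate changes such as a replaced NIC or failover also trigger this report, so alerts need to be reconciled against known maintenance.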
7. Physical Layer
The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between end systems. Characteristics such as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, physical connectors, and other attributes are defined by physical layer specifications.
Attacks: Cutting cables, jamming, keystroke logging.