The OSI model is like the blueprint of communication in computer networks. It stands for Open Systems Interconnection and is a conceptual framework that standardizes the functions of a telecommunication or computing system into seven abstraction layers. These layers, from bottom to top, are Physical, Data Link, Network, Transport, Session, Presentation, and Application.
Each layer serves a specific purpose, and together they ensure that different systems can communicate seamlessly. It's like a well-organized team, with each player having a distinct role but working towards a common goal.
In the table below, we will break down each OSI layer, it's basic activity and and some of their attack vectors.
OSI LAYER | Activity | Attack Vector |
---|---|---|
7. Application | -User Interface & Software Application -Web Browsing, Email, HTTP, FTP, & SMTP |
-Malware Injection -Phishing Attacks -Application Level DDoS attacks |
6. Presentation | -Data Encryption & Decryption -Data Compression & Expansion -Viewing Compressed Files |
-Data Encoding/Decoding Vulnerabilities -Malicious Code Injection -Format String Attacks |
5. Session | -Establishes, Manages & Terminates Connections -Manages Session State -Video Conferencing |
-Session Hijacking -Brute Force Attacks -Session Fixation Attacks |
4. Transport | -Ensures end-to-end Data Delivery -TCP & UDP Protocols -Error Correction |
-MITM Attacks -SYN/ACK Flooding -TCP/IP Vulnerabilities |
3. Network | -Routing & Addressing -IPV4, IPV6 & Routing Protocols -Subnet Configuration |
-IP Spoofing -Routing Table Manipulation -DDos Attack |
2. Data Link | -Frames & Error Detection/Correction -Wi-Fi & Bridging |
-MAC Spoofing -ARP Spoofing -VLAN Hopping |
1. Physical | -Physical Medium & Electrical Signaling -Ethernet Cables, Fiber Optics etc. -Radio Waves In Wireless Links |
-Physical Tampering -Wiretapping -Electromagnetic Interference |
Member discussion: