Information Technology Reference
In-Depth Information
table 9
.15
oSi Model perspectie of lAn Security
Layer
No.
Layer Name
Description
Security Considerations
7
Application
Application processing IP data
packet; the end user (person)
typically invokes a software
application that in turn
communicates to layer 7.
Malware like viruses, Trojan
Horses, worms, etc., may enter
the system via the application
layer.
6
Presentation
Present data to the application;
provides a standard interface
to the application layer to
present data
Attackers may use unicodes at
the presentation layer that
drop out of the current session
and convey commands to the
operating system.
5
Session
Communication session
establishment, management,
and breakdown between
computers/devices
The intent of session
management is to go from
point A to point B. A man-in-
the-middle attack inserts itself
between points A and B to see
the data flow, copy the data
flow, or to modify data in the
flow (integrity).
4
Transport
Controls the reliability of the
link, e.g., TCP (reliable), UDP
(unreliable)
The original intent of TCP, UDP,
and other transport protocols
was to get data there at all;
then there was a concern to
get data there effectively, and
then to get data there securely.
TCP and UDP may be used by
attackers to discover systems
and map networks. Firewall
filtering will resist much of
this, e.g., ping is a UDP level
tool, NMAP works at layer 4.
3
Network
Routing, routers, IP
Intercepting IP traffic; router
access to modify routing rules
and route management;
keeping router OS patched
and up to date
2
Data link
MAC addresses, Ethernet,
switches
Intercepting Ethernet traffic;
protection of Address
Resolution Protocol (ARP)
tables that convert physical
addresses to IP addresses
