OSI Model: Layer's, Examples & Attacks


OSI Model

The OSI model (Open Systems Interconnection) is a foundational concept that helps us understand how data flows in a network, layer by layer. Each layer has its own unique role.

Layer 1(Physical Layer)
Role: Physical connection between devices and Sends raw data (1s and Os) over cables or wireless signals.
Examples: Ethernet cables, Wi-Fi signals.
Attacks: Cable tapping.
Note: Hub Operates at Physical Layer of OSI Model.

Layer 2(Data Link Layer)
Role: Organizes data into frames and ensures error-free delivery between devices on the same network.
Examples: MAC, ARP.
Attacks: MAC spoofing, ARP poisoning.
Note: Switch operates at Data Link Layer of OSI Model.

Layer 3(Network Layer)
Role: Finds the best path for data to travel between devices on different networks.
Examples: IP (IPv4/IPv6), ICMP, BGP, OSPF.
Attacks: IP spoofing, route injection.
Note: Router Operates at network layer of OSI Model.

Layer 4(Transport Layer)
Role: Ensures data is delivered completely and correctly, either reliably (TCP) or faster without error-checking (UDP).
Examples: TCP, UDP.
Attacks: SYN flooding, session hijacking.

Layer 5(Session Layer)
Role: Manages sessions (connections) between devices.
Examples: NetBIOS, SMB.
Attacks: Session fixation, session hijacking.

Layer 6(Presentation Layer)
Role: Converts data into a readable format (e.g., encrypts, compresses and translates it).
Examples: SSL/TLS, JPEG.
Attacks: Man-in-the-middle, SSL stripping.

Layer 7(Application Layer)
Role: Provide Interfaces to end-user applications.
Examples: HTTP, FTP, DNS, SMTP.
Attacks: SQL injection, XSS, phishing.

Comments

Post a Comment

Popular posts from this blog

Password generator using Python

Image
  Password generator using Python 1. Introduction In today’s digital world a strong password is the first line of defense against cyber threat is the strong password. One of the leading causes of data breach is the weak and reused password. In this article, we’ll build a password generator using Python, a simple yet effective Cybersecurity project ideal for beginners. It utilizes the python libraries such as random and string which allows in generating random number, alphabet and special characters.   2. Project Objective It is the short and the weekend project which can be completed within hours which helps you to brush-up your python skills and understanding of the language. The password generate takes user input to determine the length of the password and if the given length is less than the appropriate length then the generator reply with the “The length must be equal or greater than 8” and if the user give appropriate length for the generator it will proceed w...
Read more

Cybersecurity Project’s every beginner should do…

Image
  The Importance of Cybersecurity  Projects for Aspiring Analysts! When you’re aiming for a cybersecurity analyst position, having hands-on projects on your CV is a game changer! It’s not just about having knowledge -employers want to see what you can do. Projects showcase your skills in a real-world context, making you stand out, even if you don’t have the typical “3 years of experience” they ask for. 1:- SETUP AWS ACCOUNT AND MONITOR WITH CLOUD TRAIL AND ALERT WITH SNS AWS CloudTrail is a service that enables monitoring and logging of account activities across your AWS infrastructure in real-time By integrating CloudTrail with Amazon EventBridge, you can automate the detection and response to security events. This setup allows you to create custom rules that trigger alerts or actions based on specific activities, such as unauthorized access attempts or changes to critical resources. Utilizing the free-tier AWS account, you can implement effective monitoring and incident resp...
Read more

CyberSecurity Journey: My Path to ISC²-CC Certification

Image
Why it’s important? As a cybersecurity enthusiast if you want to start your carrier in cybersecurity. Then it’s a good choice for you, Why? because  ISC²  provides free of cost examination for the newcomers. But it’s not that easy like it’s takes me 2 attempts to clear this exam and I’ll guide you how to crack the exam. . . . . . .  Step 1:  Create a   account Go to the official  ISC²  website or click   here   to register, Once you created the account the you have to register for Certified in Cybersecurity(CC) exam. USE the code “ CC1M12312024 " to book an appointment at Preason Vue exam center. NOTE: The voucher code in only valid till 2024. Step 2: Start Preperation Start the Self-Paced training provided by the ISC2, Obviously which is not sufficient to pass the exam you have to cover more than that. Once, you complete with the Self-Paced training then start the free of cost  playing list  on Youtube by Cyber State. Step 3:...
Read more