{{tag>english blog it-security}}
====== OSI layer cyber attacks ======

Listing of attacks according to [[wp>OSI-Modell]] and associated risk minimisation.

^ Possible attacks ^ OSI Layer ^ Risk minimisation ^
| @lightsalmon: [[wp>SQL-Injection]], [[wp>Cross-Site-Scripting]] , [[wp>Remote Code Execution]] | @#ff34b3: **Application** | @#c1ffc1: Patch management, vulnerability management, web application firewall (WAF) |
| @lightsalmon: [[wp>Code_Injection|Code Injection]], Data Format Manipulation, Serialisation Attacks | @#ff34b3: **Representation** | @#c1ffc1: Check and clean up data input, use secure programme libraries |
| @lightsalmon: [[wp>Session_Hijacking|Session Hijacking]], Token Based Attacks, Session Sidejacking | @#ff34b3: **Session** | @#c1ffc1: randomised session IDs, automated logout mechanisms, secure tokens for user authentication  |
| @lightsalmon: [[wp>SYN-Flood|SYN flood attacks]], TCP session hijacking, UDP flood | @#ff34b3: **Transport** | @#c1ffc1: Monitor and control network traffic at the firewall, mitigate SYN flood attacks, implement secure data exchange |
| @lightsalmon: IP spoofing, ICMP attacks, denial of service attacks | @#ff34b3: **Mediation** | @#c1ffc1: Firewall filtering, [[wp>Intrusion_Detection_System|IDS]], [[wp>Intrusion_Prevention_System|IPS]], prevent IP address spoofing via the router |
| @lightsalmon: MAC address spoofing, [[wp>ARP-Spoofing|ARP spoofing]] | @#ff34b3: **Backup** | @#c1ffc1: Limit the number of MAC IDs on a port, network segmentation via VLAN |
| @lightsalmon: physical manipulation, such as pulling network cables or cutting the power supply  | @#ff34b3: **Bit transmission** | @#c1ffc1: Access restriction, video surveillance |

----

Source: [[https://www.linkedin.com/company/ethical-hackers-academy/]]