| Both sides previous revision Previous revision | |
| en:it-security:osi_layer_cyber_attacks [2024/02/05 00:20] – Automatic translation 135.181.137.61 | en:it-security:osi_layer_cyber_attacks [2024/02/05 08:33] (current) – old revision restored (2024/02/04 23:28) psycore |
|---|
| {{tag>deutsch blog it-security}} | {{tag>english blog it-security}} |
| ====== OSI layer cyber attacks ====== | ====== OSI layer cyber attacks ====== |
| |
| Listing of attacks according to [[wpde>OSI-Modell]] and associated risk minimisation. | Listing of attacks according to [[wp>OSI-Modell]] and associated risk minimisation. |
| |
| ^ Possible attacks ^ OSI Layer ^ Risk minimisation ^ | ^ Possible attacks ^ OSI Layer ^ Risk minimisation ^ |
| | @lightsalmon: [[wpde>SQL-Injection]], [[wpde>Cross-Site-Scripting]] , [[wpde>Remote Code Execution]] | @#ff34b3: **Application** | @#c1ffc1: Patch management, vulnerability management, web application firewall (WAF) | | | @lightsalmon: [[wp>SQL-Injection]], [[wp>Cross-Site-Scripting]] , [[wp>Remote Code Execution]] | @#ff34b3: **Application** | @#c1ffc1: Patch management, vulnerability management, web application firewall (WAF) | |
| | @lightsalmon: [[wpde>Code_Injection|Code Injection]], Data Format Manipulation, Serialisation Attacks | @#ff34b3: **Representation** | @#c1ffc1: Check and clean up data input, use secure programme libraries | | | @lightsalmon: [[wp>Code_Injection|Code Injection]], Data Format Manipulation, Serialisation Attacks | @#ff34b3: **Representation** | @#c1ffc1: Check and clean up data input, use secure programme libraries | |
| | @lightsalmon: [[wpde>Session_Hijacking|Session Hijacking]], Token Based Attacks, Session Sidejacking | @#ff34b3: **Session** | @#c1ffc1: randomised session IDs, automated logout mechanisms, secure tokens for user authentication | | | @lightsalmon: [[wp>Session_Hijacking|Session Hijacking]], Token Based Attacks, Session Sidejacking | @#ff34b3: **Session** | @#c1ffc1: randomised session IDs, automated logout mechanisms, secure tokens for user authentication | |
| | @lightsalmon: [[wpde>SYN-Flood|SYN flood attacks]], TCP session hijacking, UDP flood | @#ff34b3: **Transport** | @#c1ffc1: Monitor and control network traffic at the firewall, mitigate SYN flood attacks, implement secure data exchange | | | @lightsalmon: [[wp>SYN-Flood|SYN flood attacks]], TCP session hijacking, UDP flood | @#ff34b3: **Transport** | @#c1ffc1: Monitor and control network traffic at the firewall, mitigate SYN flood attacks, implement secure data exchange | |
| | @lightsalmon: IP spoofing, ICMP attacks, denial of service attacks | @#ff34b3: **Mediation** | @#c1ffc1: Firewall filtering, [[wpde>Intrusion_Detection_System|IDS]], [[wpde>Intrusion_Prevention_System|IPS]], prevent IP address spoofing via the router | | | @lightsalmon: IP spoofing, ICMP attacks, denial of service attacks | @#ff34b3: **Mediation** | @#c1ffc1: Firewall filtering, [[wp>Intrusion_Detection_System|IDS]], [[wp>Intrusion_Prevention_System|IPS]], prevent IP address spoofing via the router | |
| | @lightsalmon: MAC address spoofing, [[wpde>ARP-Spoofing|ARP spoofing]] | @#ff34b3: **Backup** | @#c1ffc1: Limit the number of MAC IDs on a port, network segmentation via VLAN | | | @lightsalmon: MAC address spoofing, [[wp>ARP-Spoofing|ARP spoofing]] | @#ff34b3: **Backup** | @#c1ffc1: Limit the number of MAC IDs on a port, network segmentation via VLAN | |
| | @lightsalmon: physical manipulation, such as pulling network cables or cutting the power supply | @#ff34b3: **Bit transmission** | @#c1ffc1: Access restriction, video surveillance | | | @lightsalmon: physical manipulation, such as pulling network cables or cutting the power supply | @#ff34b3: **Bit transmission** | @#c1ffc1: Access restriction, video surveillance | |
| |
135.181.137.61