Network stack (dode): What each layer does, attack patterns on each layer, and how to defend it

From Computing and Software Wiki


What each layer does, what attacks can happen, and how to defend it:

- Application/Presentation: the final interface of a piece of software, e.g. the login page of a website, which checks user names against IPs and lets the user into the system

attack: write an SQL script that returns the whole table of all IDs and passwords


- Transport: transports packets to the correct protocol

attack: pirate gets all the ports that a server uses

defense: make a table of how frequently each specific IP asks for ports and
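The per-IP table described in this defense can be sketched as follows. This is an added example, not part of the original wiki notes: the function names, the 10-second window, the 5-port threshold and the sample events are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque

# Constructed sample events: (time_seconds, source_ip, destination_port).
# Addresses come from the RFC 5737 documentation ranges.
SAMPLE_EVENTS = (
    # Ordinary client: many requests, but only to ports 443 and 80.
    [(t, "192.0.2.10", 443) for t in range(0, 20, 2)] + [(3, "192.0.2.10", 80)]
    # Fast sweep: 10 different ports in under 2 seconds.
    + [(5 + i * 0.2, "198.51.100.7", 20 + i) for i in range(10)]
    # Slow sweep: 8 different ports, one every 15 seconds.
    + [(i * 15, "203.0.113.5", 8000 + i) for i in range(8)]
)

def build_port_table(events, window=10.0):
    """Map each source IP to the largest number of distinct ports it
    asked for inside any span of `window` seconds."""
    recent = defaultdict(deque)  # ip -> (time, port) pairs still in the window
    peak = defaultdict(int)      # ip -> highest distinct-port count seen
    for ts, ip, port in sorted(events):
        q = recent[ip]
        q.append((ts, port))
        while ts - q[0][0] > window:   # drop requests older than the window
            q.popleft()
        peak[ip] = max(peak[ip], len({p for _, p in q}))
    return dict(peak)

def flag_scanners(events, window=10.0, max_ports=5):
    """Return the IPs whose distinct-port count exceeds `max_ports`."""
    table = build_port_table(events, window)
    return sorted(ip for ip, count in table.items() if count > max_ports)

if __name__ == "__main__":
    for ip, count in sorted(build_port_table(SAMPLE_EVENTS).items()):
        print(f"{ip:15} peak distinct ports in 10 s: {count}")
    print("flagged (10 s window): ", flag_scanners(SAMPLE_EVENTS))
    # A short window misses the slow sweep; a longer one catches it.
    print("flagged (120 s window):", flag_scanners(SAMPLE_EVENTS, window=120.0))
```

The table counts distinct ports rather than raw requests, so a busy client that keeps using the same one or two ports is not flagged.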

- Network:

IP: routed

IPX: not routed

attack: spoofing IPs:

1. firewall

2. internal

denial of service:

1. IP routing defined

2. not defined: declare fake IPs, send zillions, TTL


- Data link: drives data to the correct protocols


It is the easiest, and can only be done on the local network

Switch's routing table looks like this:

      MAC address            IP
   ..blah...blah..        ..192.168....
   ....blah blah..        ....192.168.1..

The pirate will fill the routing table with MAC IDs, claiming to be all of them (this is called spoofing).


1. read-only routing table: preferred method


- Physical: MAC address

attack: someone can physically take away your network card or unplug your internet cable.

defense: Don't let people touch your computer :) It gets more complicated with wireless technologies.
