Layer One - the Physical Layer
The Physical Layer is responsible for the physical communication between end stations. It is concerned with the actual encoding and transmission of data in electromechanical terms of voltage and wavelength.
Physical Layer Vulnerabilities
Loss of Power
Loss of Environmental Control
Physical Theft of Data and Hardware
Physical Damage or Destruction of Data and Hardware
Unauthorized changes to the functional environment (data connections, removable media, adding/removing resources)
Disconnection of Physical Data Links
Undetectable Interception of Data
Keystroke & Other Input Logging
Physical Layer Controls
Locked perimeters and enclosures
Electronic lock mechanisms for logging & detailed authorization
Video & Audio Surveillance
PIN & password secured locks
Biometric authentication systems
Data Storage Cryptography
Layer Two - Data Link Layer
The Data Link Layer is concerned with the logical elements of transmission between two directly connected stations. It deals with issues of local topology, where many stations may share a common local medium. This is the layer where data is framed for transmission by the physical layer.
Link Layer Vulnerability Examples
MAC Address Spoofing (station claims the identity of another)
VLAN circumvention (station may force direct communication with other stations, bypassing logical controls such as subnets and firewalls.)
Spanning Tree errors may be accidentally or purposely introduced, causing the layer two environment to forward frames in infinite loops (broadcast storms).
In wireless media situations, layer two protocols may allow free connection to the network by unauthorized entities, or weak authentication and encryption may allow a false sense of security.
Switches may be forced (for example by overflowing their MAC address table) to flood traffic to all ports in a VLAN rather than selectively forwarding to the appropriate port, allowing interception of data by any device connected to that VLAN.
Link Layer Controls
MAC Address Filtering - Identifying stations by address and cross-referencing physical port or logical access
Do not use VLANs to enforce secure designs. Layers of trust should be physically isolated from one another, with policy engines such as firewalls between.
Wireless applications must be carefully evaluated for unauthorized access exposure. Built-in encryption, authentication, and MAC filtering may be applied to secure networks.
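The two link layer abuses above (a switch forced into flooding, and a station claiming another station's MAC) and the MAC filtering control can be checked from the switch's own point of view. The following is an added example, not code from the original handout: it consumes a constructed log of (port, source MAC) observations and flags a port that has learned an implausible number of MACs, a MAC that appears on more than one port, and any MAC not on a static port-to-MAC allowlist. The port names, MAC addresses, allowlist and the per-port limit are all assumed values.

```python
"""Layer-two sanity checks over constructed switch observations (added
example, not from the original handout). Flags a port that has learned an
implausible number of source MACs (MAC table flooding), a MAC seen on more
than one port (spoofing or an unexpected move), and MACs that violate a
static port-to-MAC allowlist. Ports, MACs and the threshold are assumed."""
from collections import defaultdict

# Constructed frame log: (ingress port, source MAC) as a switch learns them.
FRAMES = [
    ("Gi1/0/1", "00:11:22:33:44:01"),
    ("Gi1/0/1", "00:11:22:33:44:01"),
    ("Gi1/0/2", "00:11:22:33:44:02"),
    ("Gi1/0/5", "00:11:22:33:44:01"),   # same MAC as on Gi1/0/1: spoof or move
] + [
    # 300 distinct sources on one port: what a CAM-overflow tool produces
    ("Gi1/0/7", f"de:ad:be:ef:{i // 256:02x}:{i % 256:02x}") for i in range(300)
]

# Port-security style limit on learned MACs per access port (assumed value).
MAX_MACS_PER_PORT = 8

# Static allowlist (assumed): which MACs may appear on which port.
ALLOWED = {
    "Gi1/0/1": {"00:11:22:33:44:01"},
    "Gi1/0/2": {"00:11:22:33:44:02"},
}


def learn(frames):
    """Build the switch's view: MACs per port and ports per MAC."""
    port_macs = defaultdict(set)
    mac_ports = defaultdict(set)
    for port, mac in frames:
        mac = mac.lower()
        port_macs[port].add(mac)
        mac_ports[mac].add(port)
    return port_macs, mac_ports


def flooding_ports(port_macs, limit=MAX_MACS_PER_PORT):
    """Ports whose learned-MAC count exceeds the limit (flooding suspects)."""
    return sorted(p for p, macs in port_macs.items() if len(macs) > limit)


def moved_macs(mac_ports):
    """MACs seen on more than one port: spoofed identity or an unexpected move."""
    return sorted(m for m, ports in mac_ports.items() if len(ports) > 1)


def allowlist_violations(port_macs, allowed=ALLOWED):
    """(port, mac) pairs not permitted by the static port-to-MAC allowlist."""
    return sorted(
        (port, mac)
        for port, macs in port_macs.items()
        for mac in macs - allowed.get(port, set())
    )


def audit(frames=FRAMES):
    """Run all three checks over a frame log and return the findings."""
    port_macs, mac_ports = learn(frames)
    return {
        "flooding": flooding_ports(port_macs),
        "moved": moved_macs(mac_ports),
        "violations": allowlist_violations(port_macs),
    }


if __name__ == "__main__":
    for name, found in audit().items():
        print(name, found if len(found) < 10 else f"{len(found)} entries")
```

On a real switch the same three conditions are what port security (maximum MAC count, sticky or static MACs) and a MAC-move notification enforce; the point of the audit is that a MAC alone is not an identity, it has to be cross-referenced with the port it was learned on.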
Layer Three - Network Layer
The Network Layer is concerned with the global topology of the internetwork - it is used to determine what path a packet would need to take to reach a final destination over multiple possible data links and paths over numerous intermediate hosts. This layer typically uses constructs such as IP addresses to identify nodes, and routing tables to identify overall paths through the network and the more immediate next-hop that a packet may be forwarded to.
Network Layer Vulnerabilities
Route spoofing - propagation of false network topology
IP Address Spoofing - false source addressing on malicious packets
Identity & Resource ID Vulnerability - Reliance on addressing to identify resources and peers can be brittle and vulnerable
Network Layer Controls
Route policy controls - Use strict anti-spoofing and route filters at network edges
Firewalls with strong filter & anti-spoof policy
ARP/Broadcast monitoring software
Implementations that minimize the ability to abuse protocol features such as
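The two route policy controls above, anti-spoofing on ingress and route filters toward peers, are simple enough to show in full. This is an added example rather than code from the handout: `ingress_permit()` is a BCP 38 style source-address check per interface, and `route_permit()` is a per-peer prefix filter for received advertisements. The site prefixes, bogon list, interface names, peer agreement and the maximum prefix length are constructed for the example.

```python
"""Edge-router anti-spoofing and route filtering (added example; prefixes,
interface names and peer agreements are constructed, not from the handout).
ingress_permit() implements BCP 38 style source-address validation;
route_permit() implements a per-peer prefix filter on received routes."""
import ipaddress

# Constructed site: our own prefixes live behind the "inside" interface.
OUR_PREFIXES = [ipaddress.ip_network(p) for p in ("192.0.2.0/24", "198.51.100.0/24")]

# Address ranges that are never legitimate sources arriving from the Internet.
BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
)]

# Constructed per-peer agreement: prefixes a BGP neighbour may advertise to us.
PEER_ALLOWED = {
    "customer-A": [ipaddress.ip_network("203.0.113.0/24")],
}
MAX_PREFIX_LEN = 24   # reject more-specifics longer than /24 (assumed policy)


def _in_any(ip, networks):
    return any(ip in n for n in networks)


def ingress_permit(iface, src):
    """Source-address check for a packet arriving on iface. True = forward."""
    ip = ipaddress.ip_address(src)
    if iface == "inside":
        # Packets leaving the site must carry one of our own source addresses;
        # this is what stops our hosts from spoofing someone else.
        return _in_any(ip, OUR_PREFIXES)
    if iface == "outside":
        # Nothing from the Internet may claim our addresses or a bogon range.
        return not _in_any(ip, OUR_PREFIXES) and not _in_any(ip, BOGONS)
    return False   # unknown interface: deny by default


def route_permit(peer, prefix):
    """Accept an advertised prefix only if it lies within what this peer is
    allowed to announce, is not too specific, and is neither ours nor a bogon."""
    net = ipaddress.ip_network(prefix, strict=False)
    allowed = PEER_ALLOWED.get(peer, [])
    if not any(net.subnet_of(a) for a in allowed):
        return False            # topology the peer has no business announcing
    if net.prefixlen > MAX_PREFIX_LEN:
        return False            # more-specific hijack attempt or leak
    if any(net.overlaps(o) for o in OUR_PREFIXES + BOGONS):
        return False
    return True


if __name__ == "__main__":
    for iface, src in (("inside", "192.0.2.10"), ("inside", "10.1.1.1"),
                       ("outside", "192.0.2.10"), ("outside", "203.0.113.7")):
        print(iface, src, "permit" if ingress_permit(iface, src) else "drop")
    for pfx in ("203.0.113.0/24", "203.0.113.0/25", "192.0.2.0/24"):
        print("customer-A", pfx, "accept" if route_permit("customer-A", pfx) else "reject")
```

The two functions are deliberately independent: ingress filtering protects others from packets your network originates, while the route filter protects your routing table from false topology a peer advertises. Neither helps against a spoofed packet that arrives on the outside interface with a plausible foreign source address, which is why the transport and session layers still need their own protections.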
Layer Four - Transport Layer
The Transport Layer is concerned with the transmission of data streams into the lower layers of the model, taking data streams from above and packaging them for transport, and with the reassembly and passing of incoming data packets back into a coherent stream for the upper layers of the model.
Transport Layer Vulnerabilities
Mishandling of undefined, poorly defined, or “illegal” conditions
Differences in transport protocol implementation allow “fingerprinting” and other enumeration of host information
Overloading of transport-layer mechanisms such as port numbers limits the ability to effectively filter and qualify traffic.
Transmission mechanisms can be subject to spoofing and attack based on crafted packets and the educated guessing of flow and transmission values, allowing the disruption or seizure of control of communications.
Transport Layer Controls
Strict firewall rules limiting access to specific transmission protocols and sub-protocol information such as TCP/UDP port number or ICMP type
Stateful inspection at firewall layer, preventing out-of-state packets, “illegal” flags, and other phony packet profiles from entering the perimeter
Stronger transmission and session identification mechanisms (such as unpredictable initial sequence numbers and source ports) to prevent the attack and takeover of communications
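The first two controls, port-level rules and stateful inspection that rejects out-of-state packets and “illegal” flag combinations, can be shown as a small state machine. The following is an added example and not code from the handout: inbound SYNs are admitted only to listed ports, every other packet must belong to a flow already in the state table (so an ACK scan or forged data segment is dropped), and flag combinations no real stack emits are dropped before state is consulted. The addresses, ports and packet sequence in `demo()` are constructed.

```python
"""Minimal stateful TCP filter (added example; addresses, ports and the
packet sequence are constructed). Inbound SYNs are admitted only to listed
ports, every other packet must belong to a flow already in the state table,
and flag combinations no real stack sends are dropped first."""
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20


def illegal_flags(flags):
    """Return a reason string for a bogus flag combination, else None."""
    if flags == 0:
        return "null scan"
    if flags & SYN and flags & FIN:
        return "SYN+FIN"
    if flags & SYN and flags & RST:
        return "SYN+RST"
    if flags & (FIN | PSH | URG) == (FIN | PSH | URG) and not flags & ACK:
        return "xmas scan"
    if flags & FIN and not flags & ACK:
        return "FIN without ACK"
    return None


class StatefulFilter:
    def __init__(self, inbound_ports):
        self.inbound_ports = set(inbound_ports)
        # key: (inside ip, inside port, outside ip, outside port) -> state
        self.table = {}

    @staticmethod
    def _key(pkt):
        if pkt["dir"] == "out":
            return (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        return (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])

    def process(self, pkt):
        """Return (verdict, reason) and update the state table."""
        f = pkt["flags"]
        why = illegal_flags(f)
        if why:
            return "DROP", why
        key = self._key(pkt)
        state = self.table.get(key)
        if state is None:
            if f & SYN and not f & ACK:
                if pkt["dir"] == "out" or pkt["dport"] in self.inbound_ports:
                    self.table[key] = "SYN_SENT"
                    return "ALLOW", "new flow"
                return "DROP", "no rule for inbound port %d" % pkt["dport"]
            return "DROP", "out of state"      # ACK scan, forged data, stale RST
        if f & RST:
            del self.table[key]
            return "ALLOW", "reset"
        if state == "SYN_SENT":
            if f & SYN and f & ACK:
                self.table[key] = "ESTABLISHED"
                return "ALLOW", "handshake"
            if f & SYN:
                return "ALLOW", "syn retransmit"
            return "DROP", "unexpected during handshake"
        if f & FIN:                            # graceful close: both sides must FIN
            if state == "CLOSING":
                del self.table[key]
            else:
                self.table[key] = "CLOSING"
        return "ALLOW", state.lower()


def demo():
    """Constructed packet sequence through the filter; returns verdicts in order."""
    fw = StatefulFilter(inbound_ports=[443])
    inside, outside = "192.0.2.10", "203.0.113.5"

    def pkt(direction, sport, dport, flags):
        src, dst = (inside, outside) if direction == "out" else (outside, inside)
        return {"dir": direction, "src": src, "sport": sport,
                "dst": dst, "dport": dport, "flags": flags}

    sequence = [
        pkt("out", 50000, 80, SYN),               # client opens outbound flow
        pkt("in", 80, 50000, SYN | ACK),          # server answers
        pkt("out", 50000, 80, ACK),               # handshake completes
        pkt("in", 80, 50000, PSH | ACK),          # data on the established flow
        pkt("in", 4444, 50001, ACK),              # ACK scan: no such flow
        pkt("in", 4444, 50002, FIN | PSH | URG),  # xmas scan
        pkt("in", 4444, 22, SYN),                 # inbound SYN to an unlisted port
        pkt("in", 4444, 443, SYN),                # inbound SYN to a listed port
    ]
    return [fw.process(p)[0] for p in sequence]


if __name__ == "__main__":
    print(demo())
```

A production filter would also time out idle entries, track sequence-number windows per flow and handle UDP and ICMP pseudo-state, but the structure is the same: a packet is judged by the flow it claims to belong to, not by its flags alone.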
Layer Five- Session Layer
The Session Layer is concerned with the organization of data communications into logical flows. It takes the higher layer requests to send data and organizes the initiation and cessation of communication with the far end host. The session layer then presents its data flows to the transport layer below where actual transmission begins.
Session Layer Vulnerabilities
Weak or non-existent authentication mechanisms
Passing of session credentials such as user ID and password in the clear, allowing intercept and unauthorized use
Session identification may be subject to spoofing and hijack
Leakage of information based on failed authentication attempts
Unlimited failed sessions allow brute-force attacks on access credentials
Session Layer Controls
Encrypted password exchange and storage
Accounts have specific expirations for credentials and authorization
Protect session identification information via random/cryptographic means
Limit failed session attempts via timing mechanism, not lockout
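The session layer controls above fit in one small login routine. This is an added example, not code from the handout, and it assumes the transport is already protected (TLS or similar) so that the password is not sent in the clear: credentials are verified against a salted PBKDF2 hash with a constant-time compare, an unknown user costs the same hashing work and receives the same message as a wrong password (no leakage on failure), session identifiers come from the OS CSPRNG rather than a counter, and repeated failures are slowed by an exponential per-account delay instead of a lockout. The user store, work factor and delay parameters are constructed values.

```python
"""Session-layer controls in one place (added example; user store,
parameters and timings are constructed). Salted PBKDF2 with a constant-time
compare, identical cost and message for unknown users, CSPRNG session ids,
and an exponential delay on failures rather than a lockout."""
import hashlib
import hmac
import os
import secrets

USERS = {}                       # constructed store: username -> (salt, hash)
PBKDF2_ROUNDS = 100_000          # assumed work factor


def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def register(user, password):
    salt = os.urandom(16)
    USERS[user] = (salt, _hash(password, salt))


# Used when the user does not exist, so the response time does not reveal it.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("placeholder", _DUMMY_SALT)


def new_session_id():
    """256 bits from the OS CSPRNG; not guessable from earlier ids."""
    return secrets.token_urlsafe(32)


class Throttle:
    """Per-account delay that doubles on each failure, capped, never locked."""
    def __init__(self, base=1.0, cap=64.0):
        self.base, self.cap = base, cap
        self.fail = {}           # user -> (failure count, not_before timestamp)

    def delay_for(self, user, now):
        _, not_before = self.fail.get(user, (0, 0.0))
        return max(0.0, not_before - now)

    def failed(self, user, now):
        count, _ = self.fail.get(user, (0, 0.0))
        count += 1
        self.fail[user] = (count, now + min(self.cap, self.base * 2 ** (count - 1)))

    def succeeded(self, user):
        self.fail.pop(user, None)


def login(user, password, throttle, now):
    """Return (session id or None, message). 'now' is injected so the
    delay logic can be exercised without sleeping."""
    if throttle.delay_for(user, now) > 0:
        return None, "try again later"
    salt, stored = USERS.get(user, (_DUMMY_SALT, _DUMMY_HASH))
    # Always hash and always compare, whether or not the user exists.
    matches = hmac.compare_digest(_hash(password, salt), stored)
    if not (matches and user in USERS):
        throttle.failed(user, now)
        return None, "invalid username or password"   # one message for both cases
    throttle.succeeded(user)
    return new_session_id(), "ok"


if __name__ == "__main__":
    import time
    register("alice", "correct horse battery staple")
    t = Throttle()
    print(login("alice", "wrong", t, time.time()))
    print(login("alice", "correct horse battery staple", t, time.time()))
```

The delay is keyed on the account, which slows an online brute force without letting an attacker lock a victim out by deliberately failing; a deployment would usually key on source address as well.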
Layer Six- Presentation Layer
The Presentation Layer deals with the organization of data passed from the application layer into the network. This layer allows for the standardization of data and the communication of data between dissimilar hosts, such as platforms with different binary number representation schemes or character sets (ASCII vs. Unicode, for example).
Presentation Layer Vulnerabilities
Poor handling of unexpected input can lead to application crashes or surrender of control to execute arbitrary instructions.
Unintentional or ill-advised use of externally supplied input in control contexts may allow remote manipulation or information leakage.
Cryptographic flaws may be exploited to circumvent privacy protections
Presentation Layer Controls
Careful specification and checking of input coming into applications or library functions
Separation of user input and program control functions - input should be sanitized and sanity checked before being passed into functions that use the input to control operation
Careful and continuous review of cryptography solutions to ensure current security versus known and emerging threats
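The first two controls, strict checking of incoming data and keeping external input out of control contexts, are easiest to see side by side. The following is an added example and not code from the handout: `vulnerable_ping_command()` concatenates a user-supplied host into a shell string, so a value such as `example.com; id` smuggles a second command; `hardened_ping_argv()` validates the value against a strict hostname grammar and returns an argument vector that never passes through a shell. `decode_field()` shows the same idea for data arriving from a dissimilar host: bytes must decode strictly as UTF-8 and contain no control characters before being used. The hostname rule, field limits and sample inputs are constructed.

```python
"""Keeping external input out of control contexts (added example; the
hostname rule, the field decoder and the sample inputs are constructed).
vulnerable_ping_command() shows input concatenated into a shell string;
hardened_ping_argv() validates against a strict grammar and builds an argv
that never passes through a shell; decode_field() strictly decodes a wire
field before it is used."""
import re
import subprocess

# RFC 1123 style hostname: labels of letters, digits and hyphens, no
# leading or trailing hyphen, bounded total length. Anything else is rejected.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)*"
    r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$", re.IGNORECASE)


def vulnerable_ping_command(host):
    """Builds a shell string; "example.com; id" smuggles a second command."""
    return "ping -c 1 " + host        # would be handed to os.system / shell=True


def validate_host(host):
    """Allowlist check: return host unchanged or raise ValueError."""
    if not isinstance(host, str) or not HOSTNAME_RE.match(host):
        raise ValueError("invalid hostname: %r" % (host,))
    return host


def hardened_ping_argv(host):
    """Argument vector for subprocess: no shell, input is one argv element."""
    return ["ping", "-c", "1", validate_host(host)]


def run_ping(host):
    """Execute the hardened form (not invoked by the checks below)."""
    return subprocess.run(hardened_ping_argv(host),
                          capture_output=True, text=True, check=False)


def decode_field(raw, max_len=256):
    """Strict decoding of a wire field from a foreign host: bytes must be
    valid UTF-8, fit max_len, and contain no C0/C1 control characters."""
    try:
        text = raw.decode("utf-8", errors="strict")
    except UnicodeDecodeError as e:
        raise ValueError("field is not valid UTF-8") from e
    if len(text) > max_len:
        raise ValueError("field too long")
    if any(ord(c) < 0x20 or 0x7F <= ord(c) < 0xA0 for c in text):
        raise ValueError("control character in field")
    return text


if __name__ == "__main__":
    print(vulnerable_ping_command("example.com; id"))   # the injection rides along
    print(hardened_ping_argv("example.com"))
    try:
        hardened_ping_argv("example.com; id")
    except ValueError as e:
        print("rejected:", e)
```

The hardened version relies on two separate properties: the grammar rejects everything that is not a hostname (an allowlist, not a blocklist of shell metacharacters), and the argv form means that even a value which slipped past the check could not become a second command.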
Layer Seven- Application Layer
The Application Layer deals with the high-level functions of programs that may utilize the network. User interface and primary function live at this layer. All functions not pertaining directly to network operation occur at this layer.
Application Layer Vulnerabilities
Open design issues allow free use of application resources by unintended parties
Backdoors and application design flaws bypass standard security controls
Inadequate security controls force “all-or-nothing” approach, resulting in either excessive or insufficient access.
Overly complex application security controls tend to be bypassed or poorly understood and implemented.
Program logic flaws may be accidentally or purposely used to crash programs or cause undesired behavior
Application Layer Controls
Application level access controls to define and enforce access to application resources.
Controls must be detailed and flexible, but also straightforward to prevent complexity issues from masking policy and implementation weakness
Standards, testing, and review of application code and functionality - a baseline is used to measure application implementation and recommend improvements
Intrusion detection systems to monitor application inquiries and activity
Some host-based firewall systems can regulate traffic by application, preventing unauthorized or covert use of the network.
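The first two application layer controls, access control that is neither “all-or-nothing” nor so complex it gets bypassed, can be expressed as a short policy check. This is an added example and not code from the handout: decisions are deny-by-default, an explicit deny beats any allow, ownership gives a user rights on their own records without granting the role-wide permission, and every decision is recorded so the monitoring control has something to read. The roles, actions, resource kinds and users are constructed.

```python
"""Application-level access control that is neither all-or-nothing nor
hard to read (added example; roles, actions, resources and users are
constructed). Deny by default, explicit deny wins, ownership grants
narrow rights on a user's own records, and every decision is logged."""
from collections import namedtuple

Resource = namedtuple("Resource", "kind id owner")

# Constructed policy: role -> set of (action, resource kind) permissions.
ROLE_PERMS = {
    "viewer":  {("read", "report")},
    "analyst": {("read", "report"), ("create", "report"), ("read", "alert")},
    "admin":   {("read", "report"), ("create", "report"), ("delete", "report"),
                ("read", "alert"), ("manage", "user")},
}
# Actions an owner may always perform on their own record of a kind.
OWNER_PERMS = {"report": {"read", "update"}}
# Explicit denies override everything above (e.g. a suspended account).
DENIED_USERS = {"mallory"}

AUDIT = []   # (user, action, kind, id, allowed, reason) for later review


def authorize(user, roles, action, resource):
    """Return (allowed, reason) and record the decision."""
    if user in DENIED_USERS:
        decision = (False, "explicit deny")
    elif resource.owner == user and action in OWNER_PERMS.get(resource.kind, ()):
        decision = (True, "owner")
    elif any((action, resource.kind) in ROLE_PERMS.get(r, ()) for r in roles):
        decision = (True, "role")
    else:
        decision = (False, "no matching permission")   # deny by default
    AUDIT.append((user, action, resource.kind, resource.id) + decision)
    return decision


def denied_events():
    """Denied decisions, the subset a monitoring system would alert on."""
    return [e for e in AUDIT if not e[4]]


if __name__ == "__main__":
    report = Resource("report", 17, "alice")
    print(authorize("alice", ["viewer"], "update", report))    # owner, not role
    print(authorize("bob", ["viewer"], "update", report))      # denied by default
    print(authorize("mallory", ["admin"], "read", report))     # explicit deny wins
    print(denied_events())
```

The whole policy is two small tables and one deny set, which is the point of the “straightforward” control above: a reviewer can read it end to end and confirm that nothing is reachable without an explicit grant.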